Changing back to per-thread credentials on Linux (fixing native AIO).
J. Bruce Fields
bfields at fieldses.org
Mon Jul 2 14:08:43 MDT 2012
On Mon, Jul 02, 2012 at 09:10:39AM -0400, simo wrote:
> On Mon, 2012-07-02 at 14:36 +0200, Volker Lendecke wrote:
> > Long story short: Anything beyond standard, documented
> > behaviour is just not supported or actively blocked by
> > glibc. Without official blessing by glibc I see the
> > syscall() workaround just in the same place.
> >
> > Try googling for anything around glibc linux per-thread
> > credentials, and you end up at lists.samba.org in this
> > thread. That should tell you something.
>
> I think the only thing it says is that only user space file servers care
> about this feature so badly,
Even if only Samba cares about it, Samba's an important project. (And
maybe Ganesha will be too.)
And is it really only NFS/SMB servers? E.g. doesn't Apache have these
sorts of problems too?
> and only those that still insist in letting
> thee kernel enforce permissions (which is a *good* thing).
Yes.--b.
> Practically only samba has dared trying to really solve this problem, we
> know other people took the easy(?) route and simply re-implemented
> access control in user space (which I think is a terrible idea for
> anything general purpose, but probably ok for an embedded product).
>
> Simo.
>
> --
> Simo Sorce
> Samba Team GPL Compliance Officer <simo at samba.org>
> Principal Software Engineer at Red Hat, Inc. <simo at redhat.com>
>
More information about the samba-technical
mailing list