Changing back to per-thread credentials on Linux (fixing native AIO).
Jeremy Allison
jra at samba.org
Wed Jun 27 11:08:38 MDT 2012
On Wed, Jun 27, 2012 at 10:00:17AM -0700, Richard Sharpe wrote:
> On Wed, Jun 27, 2012 at 9:51 AM, Jeremy Allison <jra at samba.org> wrote:
> >
> > It also makes it much easier to proceed
> > with the threaded aio open code I was working on,
> > as now I can remove all the ugly race-condition
> > handling code I was figting with, as we
> > know that any thread can set its own credentials
> > independently, ensuring no security issues
> > on file create - but that's patch for another
> > day :-).
>
> Does this also mean that the pre-forked smbds with each smbd handling
> many connections will also work on Linux, since we are using Linux'
> ability to do per-thread credentials in violation of POSIX?
Well that would always have worked on any
POSIX system as smbd notes what network uid
the request came in on and changes to the
appropriate POSIX credentials before acting
on their behalf. The lost-wakeup glibc-aio
issue was the only place we were depending
on per-thread credentials but that was
without explicitly knowing we needed them, as the
glibc aio implementation using threads
is a hidden internal detail (if you get
my meaning :-).
Fixing the lost wakeup bug and explicitly
acknowleging we have per-thread creds allows
us to take advantage of this to do optimizations
on this (these? What about *BSDs ?) platforms
that aren't easily done when you only have POSIX
per-process creds.
Jeremy.
More information about the samba-technical
mailing list