[PATCH] Patches required for POSIX ACL support of GPOs
Jeremy Allison
jra at samba.org
Tue May 15 15:38:57 MDT 2012
On Wed, May 16, 2012 at 07:28:04AM +1000, Andrew Bartlett wrote:
> On Tue, 2012-05-15 at 13:04 -0700, Jeremy Allison wrote:
> >
> > You add a new call:
> >
> > +static NTSTATUS create_token_from_sid(TALLOC_CTX *mem_ctx,
> > + const struct dom_sid *user_sid,
> > + bool is_guest,
> > + uid_t *uid, gid_t *gid,
> > + char **found_username,
> > + struct security_token **token)
> >
> > which you rewrite create_token_from_username() to call (this
> > is a nice idea BTW, and good in theory).
> >
> > Note that the user_sid parameter is "const struct dom_sid *"
> > (emphasis on the const).
> >
> > Inside that new function you do :
> >
> > - uid_to_unix_users_sid(*uid, &user_sid);
> > + uid_to_unix_users_sid(*uid, &tmp_sid);
> > + user_sid = &tmp_sid;
> >
> > BOOP ! BOOP ! WARNING ! GO NO FURTHER !!!!
> >
> > You just overwrote the passed in user_sid, which is explicitly
> > supposted to be const (yeah, I know it's a const pointer, but
> > still....).
>
> How did I do that? I overwrote the local copy of the pointer to the
> passed in SID.
Arggh. Yes, you're correct - I read that as :
*user_sid = tmp_sid;
Which would have had the effect I feared.
Never mind - ignore the rest of the paranoia :-).
At least I'm looking at the patches *REALLY CAREFULLY* (if
incorrectly :-) :-).
Sorry for the noise.
Jeremy.
More information about the samba-technical
mailing list