[SCM] Samba Shared Repository - branch v3-0-test updated -
release-3-0-28-24-geaaf5c7
Jeremy Allison
jra at samba.org
Thu Dec 13 06:55:57 GMT 2007
On Thu, Dec 13, 2007 at 07:44:50AM +0100, Volker Lendecke wrote:
> On Wed, Dec 12, 2007 at 08:07:43PM -0600, Jeremy Allison wrote:
> > Only add the non-root escape on !developer.
> > Jeremy.
>
> What's the point of this change? I think this whole
> getuid()!=0 check is really bogus, we should rely on unix
> permissions and warn appropriately if something did not
> work due to EACCES.
>
> Can we get rid of those checks?
The problem is get_global_sam_sid() smb panic's
if it fails, and it always fails when run as non-root.
ie. bin/smbpasswd -L will immediately core-dump.
This is a bad thing :-). But we want the server to
do this if it fails, so these nasty checks are to
prevent a few client tools getting to get_global_sam_sid()
when not run as root.
It's ugly, but we can live with it I think.
Jeremy.
More information about the samba-technical
mailing list