|
|
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Tim Potter schrieb:
> On Thu, 2005-08-11 at 12:59 +0000, metze@xxxxxxxxx wrote:
>
>>Author: metze
>>Date: 2005-08-11 12:59:14 +0000 (Thu, 11 Aug 2005)
>>New Revision: 406
>>
>>WebSVN:
>>http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=lorikeet&rev=406
>>
>>Log:
>>I got the basic infrastructure for setting the nttoken working
>>it currently uses just strings, but I'll pass an ndr_encoded
>>struct security_token as next step
>>
>>metze
>>Modified:
>> trunk/ntacl-lsm/main.c
>
>
> Nice one! I still think it's better to keep the interface text-based
> though. Will the kernel guys even go for a binary interface? There
> might be a lot of opposition.
I think for configuration stuff you're right, that should be under
/sys/security/*
and have text based interfaces, but for setting the security token, it's much
easier
to use a ndr blob, as we get it for free, and it should not be used by scripts
or by someone on the commandline only by the current task, to set its own
attributes.
I'll add a libntacl-lsm.so that provide a call,
ntacl_get_security_token()
ntacl_set_security_token()
and command line tools testing.
- --
metze
Stefan Metzmacher <metze at samba.org> www.samba.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3-nr1 (Windows XP)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFC/Mynm70gjA5TCD8RAmlRAJ9gZ84zKxqEchmfMx40fEXV5VceNACg0PsB
tePov+siHdHyfymy76J0leo=
=oW0z
-----END PGP SIGNATURE-----
|
|