On Thu, 15 Jul 2010 15:24:46 -0500 Steve French <smfrench@xxxxxxxxx> wrote: > I merged the first 5 of this series, but wanted to understand what > behavior this changes first (it is probably ok). With current > userspace code - what changes would a user see with this? > With this and the accompanying userspace patch, this makes it so that the credentials cache used when mounting with sec=krb5 is unaffected by the uid= option. The credcache will be determined using the real uid of the user performing the mount. There will be a cifs.upcall option that will make it use the legacy behavior for those that require it for some reason. I consider the current situation a bad design decision on my part as the ownership of files on the mount has no direct relationship to the owner of the mount credentials. The mount credentials should always be under the ownership of the user performing the mount. The existing scheme allows someone to use the credcache of another user to perform a mount. I'll resend the userspace patch in another day or two when I get back from vacation. -- Jeff Layton <jlayton@xxxxxxxxxx> -- To unsubscribe from this list: send the line "unsubscribe linux-cifs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
