For the case of mounts to servers (Windows 9x, Windows ME and some
appliances etc.) which only support "share level" security (passwords on
mounts, but no username) ... any opinions about the right multiuser
behavior (in regards to credentials). cifs vfs has two security modes:
1) (default) credentials (the smb_uid on all network requests) used is
always the same over the mount for all users on the system
2) (not default, but enabled when /proc/fs/cifs/MultiuserMount is set to
1) cifs client tries to find a matching smb_uid for the particular user
corresponding to the local linux uid making the request
The difficulty with the latter is that we may have to multiplex among
smb_tids (tree ids) to the same resource, each mounted with different
passwords. It is common to have two different passwords on the same
share (one for full access, one for read only access) so it is
reasonable to assume that one uid would have all requests to that
superblock use a different tid than other users - but it is odd because
there is no username on the wire. Currently cifs code checks at mount
time to see if we have a connection to the target server (ip address)
with a particular username - but it looks like this has to change - we
have to not only check if we have a particular connection with this
password if it is a share level security server but also have to map
access (when MultiuserMount is enabled) to that share from on tid to
another based on the incoming uid.
Ideas?
-
To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
