From mboxrd@z Thu Jan 1 00:00:00 1970 From: Steve French Subject: share level security mounts and user credentials Date: Fri, 11 Aug 2006 17:16:51 -0500 Message-ID: <44DD01D3.6000609@austin.rr.com> Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Return-path: Received: from e5.ny.us.ibm.com ([32.97.182.145]:8417 "EHLO e5.ny.us.ibm.com") by vger.kernel.org with ESMTP id S964797AbWHKWQO (ORCPT ); Fri, 11 Aug 2006 18:16:14 -0400 Received: from d01relay04.pok.ibm.com (d01relay04.pok.ibm.com [9.56.227.236]) by e5.ny.us.ibm.com (8.12.11.20060308/8.12.11) with ESMTP id k7BMGCp5020213 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL) for ; Fri, 11 Aug 2006 18:16:13 -0400 Received: from d01av03.pok.ibm.com (d01av03.pok.ibm.com [9.56.224.217]) by d01relay04.pok.ibm.com (8.13.6/NCO/VER7.0) with ESMTP id k7BMGBYx297704 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 11 Aug 2006 18:16:11 -0400 Received: from d01av03.pok.ibm.com (loopback [127.0.0.1]) by d01av03.pok.ibm.com (8.12.11.20060308/8.13.3) with ESMTP id k7BMGBXr009386 for ; Fri, 11 Aug 2006 18:16:11 -0400 To: linux-cifs-client@lists.samba.org, linux-fsdevel@vger.kernel.org, samba-technical@lists.samba.ortg Sender: linux-fsdevel-owner@vger.kernel.org List-Id: linux-fsdevel.vger.kernel.org For the case of mounts to servers (Windows 9x, Windows ME and some appliances etc.) which only support "share level" security (passwords on mounts, but no username) ... any opinions about the right multiuser behavior (in regards to credentials). cifs vfs has two security modes: 1) (default) credentials (the smb_uid on all network requests) used is always the same over the mount for all users on the system 2) (not default, but enabled when /proc/fs/cifs/MultiuserMount is set to 1) cifs client tries to find a matching smb_uid for the particular user corresponding to the local linux uid making the request The difficulty with the latter is that we may have to multiplex among smb_tids (tree ids) to the same resource, each mounted with different passwords. It is common to have two different passwords on the same share (one for full access, one for read only access) so it is reasonable to assume that one uid would have all requests to that superblock use a different tid than other users - but it is odd because there is no username on the wire. Currently cifs code checks at mount time to see if we have a connection to the target server (ip address) with a particular username - but it looks like this has to change - we have to not only check if we have a particular connection with this password if it is a share level security server but also have to map access (when MultiuserMount is enabled) to that share from on tid to another based on the incoming uid. Ideas?