1
by jason.spashett
Initial import from sourceforge |
1 |
Some FAQ and bugfixes: |
2 |
||
3 |
1. fixed two bugs regarding long names, thanks to Nathaniel Mishkin |
|
4 |
||
5 |
2. The source for the NTFS authentication is provided |
|
6 |
||
7 |
3. Missing WST.DLL fixed, had to do with tuning parameter |
|
8 |
||
9 |
4. fixed missing _penter(), was compiled with SDK. not VC++ |
|
10 |
source code now provided, option /GH was the bady |
|
11 |
||
12 |
5. How security works: |
|
13 |
||
14 |
>NFS security is like UNIX security, you have the owner, group, world, |
|
15 |
> each of them can have read/write/execute access. |
|
16 |
>ie. testfile.txt 2000 3000 rwx-rw-r-- |
|
17 |
>which means for
|
|
18 |
> file testfile.txt |
|
19 |
> owner user ID 2000 (ie `rruther`) |
|
20 |
> owner access r/w/execute |
|
21 |
> group group ID is 3000 (ie. developer) |
|
22 |
> group access is r/w |
|
23 |
> world access read only |
|
24 |
>
|
|
25 |
>
|
|
26 |
>sossnt config file `user`: |
|
27 |
>--------------------------
|
|
28 |
> 2000 rruther |
|
29 |
> 2001 brianmo |
|
30 |
>--------------------------
|
|
31 |
>
|
|
32 |
> " " `group`: |
|
33 |
>---------------------------
|
|
34 |
> 3000 developer |
|
35 |
> 3001 users |
|
36 |
>---------------------------
|
|
37 |
>
|
|
38 |
> " " `world': |
|
39 |
>----------------------------
|
|
40 |
> 1 everyone
|
|
41 |
>----------------------------
|
|
42 |
>
|
|
43 |
>NTFS file
|
|
44 |
> file testfile.txt
|
|
45 |
> Owner rruther
|
|
46 |
> access for rruther: full
|
|
47 |
> access for developer: rw
|
|
48 |
> access for everyone: r
|
|
49 |
> access for dummygroup: full (not mapped)
|
|
50 |
>
|
|
51 |
>
|
|
52 |
>When I NFS calls get attribute, owner gets translated to the id
|
|
53 |
>the first matching group in the access list with a mapping list
|
|
54 |
>(see above group file), similar with world access.
|
|
55 |
>The appropiate access rights from the access list are translated into
|
|
56 |
>UNIX/NFS rights.
|
|
57 |
>
|
|
58 |
>Similar with set rigths.
|
|
59 |
>
|
|
60 |
>The security enforcment is done by UNIX, in our case at least.
|
|
61 |
>This means, if you have controll over the client environemt
|
|
62 |
>and or the network you can access all exported files.
|
|
63 |
>
|
|
64 |
>The whole purpose was to make life for admins easier.
|
|
65 |
>
|
|
66 |
||
67 |
Ralf Rutherford Telecom Aust | MHSnet: rruther@cssc-melb.tansu.com.au
|
|
68 |
Network Services | Snail: 700 Blackburn Rd, Clayton Vic 3168
|
|
69 |
Customised Software Solutions | Australia
|
|
70 |
Center Melbourne | Phone: +61 3 253 8910 FAX: +61 3 265 6669
|
|
71 |
||
72 |