← Back to branch summary

~jspashett/+junk/sossnt-trunk 

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72

Some FAQ and bugfixes:

1. fixed two bugs regarding long names, thanks to Nathaniel Mishkin

2. The source for the NTFS authentication is provided

3. Missing WST.DLL fixed, had to do with tuning parameter

4. fixed missing _penter(), was compiled with SDK. not VC++
	source code now provided, option /GH was the bady

5. How security works:

>NFS security is like UNIX security, you have the owner, group, world,
>	each of them can have read/write/execute access.
>ie.   testfile.txt	2000 3000 rwx-rw-r--
>which means for
>	file 	testfile.txt
>	owner 	user ID 2000	(ie `rruther`)
>	owner access r/w/execute
>	group    group ID is 3000 (ie. developer)
>	group access is r/w
>	world access read only
>
>
>sossnt config file `user`:
>--------------------------
>	2000	rruther
>	2001	brianmo
>--------------------------
>
>  "	   "	   `group`:
>---------------------------
>	3000	developer
>	3001	users
>---------------------------
>
>   "        "	    `world':
>----------------------------
>	1	everyone
>----------------------------
>
>NTFS file
>	file	testfile.txt
>	Owner	rruther
>	access 	for rruther: 	full
>	access  for developer: 	rw
>	access  for everyone:	r
>	access	for dummygroup:	full (not mapped)
>
>
>When I NFS calls get attribute, owner gets translated to the id
>the first matching group in the access list with a mapping list
>(see above group file), similar with world access.
>The appropiate access rights from the access list are translated into
>UNIX/NFS rights.
>
>Similar with set rigths.
>
>The security enforcment is done by UNIX, in our case at least.
>This means, if you have controll over the client environemt
>and or the network you can access all exported files.
>
>The whole purpose was to make life for admins easier.
>

Ralf Rutherford Telecom Aust   | MHSnet: rruther@cssc-melb.tansu.com.au
Network Services               | Snail:  700 Blackburn Rd, Clayton Vic 3168 
Customised Software Solutions  | 	 Australia
   Center Melbourne            | Phone:  +61 3 253 8910 FAX: +61 3 265 6669