>This way you would have a lot less GPL problems :-) Well, we're not doing it to get around the GPL per se; we just want to use use SMB as one of many transports for RPC. As it happens, most of the requests serviced by our RPC server come in over TCP/IP (that's ncacn_ip_tcp for the DCE geeks).
>If I remember correctly our idea had been a bit different. The idea >was to load dynamic objects into the main smbd. All dynamic objects >would reside in a special directory. A pipe is to be opened, smbd >looks into a table of already loaded objects. If it's not loaded a >libpipe_lsass.so (or so) is looked for and loaded on demand. This way >the security issues look a lot simpler. This sounds similar to the IBM patch Anthony mentioned, except they may not have interfaced at the exact same place. We use filesystem permissions to deal with the "security issues"; SAMBA, LDAP, the KDC, our RPC server all form part of the TCB. -- Luke -- Luke Howard | PADL Software Pty Ltd | www.padl.com
