| author | Jeremy Allison <jra@samba.org> | 2003-03-07 19:37:27 +0000 | 
|---|---|---|
| committer | Jeremy Allison <jra@samba.org> | 2003-03-07 19:37:27 +0000 | 
| commit | 6a141b7963de61b1223031ea4012605aeca13bc7 (patch) | |
| tree | 8f882c16995b781e87e8bbe83e88ab7a4e7634de /docs/htmldocs/securitylevels.html | |
| parent | 8a751c019c21b1925fd352639f8237cf0a6ebac9 (diff) | |
Patch from Michael Steffens. In his own words:
-------------------------------------------------------------------------
I think there are basically two problems:
  1. Windows clients do not always send ACEs for SMB_ACL_USER_OBJ, SMB_ACL_GROUP_OBJ,
     and SMB_ACL_OTHER.
     The function ensure_canon_entry_valid() is prepared for that, but tries
     to "guess" values from group or other permissions, respectively, otherwise
     falling back to minimum r-- for the owner. Even if the owner had full
     permissions before setting ACL. This is the problem with W2k clients.
  2. Function set_nt_acl() always chowns *before* attempting to set POSIX ACLs.
     This is ok in a take-ownership situation, but must fail if the file is
     to be given away. This is the problem with XP clients, trying to transfer
     ownership of the original file to the temp file.
The problem with NT4 clients (no ACEs are transferred to the temp file, thus
are lost after moving the temp file to the original name) is a client problem.
It simply doesn't attempt to.
I have played around with that using posix_acls.c from 3.0 merged into 2.2.
As a result I can now present two patches, one for each branch. They
basically modify:
  1. Interpret missing SMB_ACL_USER_OBJ, SMB_ACL_GROUP_OBJ, or SMB_ACL_OTHER
     as "preserve current value" instead of attempting to build one ourselves.
     The original code is still in, but only as fallback in case current values
     can't be retrieved.
  2. Rearrange set_nt_acl() such that chown is only done before setting
     ACLs if there is either no change of owning user, or change of owning
     user is towards the current user. Otherwise chown is done after setting
     ACLs.
It now seems to produce reasonable results. (Well, as far as it can. If
NT4 doesn't even try to transfer ACEs, only deliberate use of named default
ACEs and/or "force group" or the crystal ball can help :)
-------------------------------------------------------------------------
Jeremy.
(This used to be commit 8ec20cbae7ca7e685b1a4186d8482c7405915dc3)
Diffstat (limited to 'docs/htmldocs/securitylevels.html')
0 files changed, 0 insertions, 0 deletions
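The two changes described in the commit message above, as an added example that is not Samba's code and not part of the patch: omitted owner/group/other entries keep the file's current mode bits, and the chown runs before the ACL is set only when the owner is unchanged or becomes the calling user. The names `req_perms`, `fill_missing` and `chown_before_acl` are hypothetical, and the fallback used when the current mode cannot be read is reduced to `r--` for the owner and no permissions for group and other, which is an assumption of this sketch.

```c
#include <stdbool.h>
#include <stdio.h>
#include <sys/types.h>

/* Hypothetical, simplified model of the three mandatory POSIX ACL entries
 * built from a client's request; not Samba's canon_ace structure. */
struct req_perms {
    bool have_user, have_group, have_other; /* did the client send an ACE? */
    unsigned user, group, other;            /* rwx bits, 0..7 */
};

/* Fill entries the client omitted with the file's current values.
 * cur_mode is NULL when the current mode could not be retrieved. */
void fill_missing(struct req_perms *p, const mode_t *cur_mode)
{
    if (!p->have_user)   /* fallback: minimum r-- for the owner */
        p->user = cur_mode ? (*cur_mode >> 6) & 7 : 4;
    if (!p->have_group)  /* fallback of 0 is an assumption of this sketch */
        p->group = cur_mode ? (*cur_mode >> 3) & 7 : 0;
    if (!p->have_other)  /* fallback of 0 is an assumption of this sketch */
        p->other = cur_mode ? *cur_mode & 7 : 0;
    p->have_user = p->have_group = p->have_other = true;
}

/* True when the chown may run before the ACL is set: the owner does not
 * change, or ownership moves to the calling user (take ownership).
 * When the file is given away, the chown has to wait until the ACL is
 * written, because afterwards the caller no longer owns the file. */
bool chown_before_acl(uid_t file_uid, uid_t new_uid, uid_t current_uid)
{
    return new_uid == file_uid || new_uid == current_uid;
}

int main(void)
{
    /* Constructed case: request carrying only a group ACE, file mode 0750. */
    struct req_perms p = { false, true, false, 0, 5, 0 };
    mode_t cur = 0750;
    fill_missing(&p, &cur);
    printf("u=%o g=%o o=%o\n", p.user, p.group, p.other);
    /* Constructed case: uid 1000 owns the file and gives it to uid 1001. */
    printf("chown first: %d\n", chown_before_acl(1000, 1001, 1000));
    return 0;
}
```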
