[cifs-protocol] [MS-DTYP] Conditional ACE SDDL: NOT syntax clarification.
Douglas Bagnall
douglas.bagnall at catalyst.net.nz
Tue Mar 14 22:52:28 UTC 2023
hi Dochelp,
In the ABNF for SDDL, in 2.5.1.1, the only place the NOT operator "!" is
mentioned is in the cond-expr line:
cond-expr = term / \
term [wspace] ("||" / "&&" ) [wspace] cond-expr / \
(["!"] [wspace] "(" cond-expr ")")
(We have already established in 2302020040006024 /
https://lists.samba.org/archive/cifs-protocol/2023-February/003947.html that the
second part with the "||" or "&&" is erroneous -- this question is about the
third part, with the '["!"]').
So that says the only place a "!" can occur is in front of a parenthetical
expression; you can't write "!A", you need to say "!(A)".
That would be OK, and I have been working on that basis, but then in 2.5.1.3
"Parentheses and Order of Precedence", the "!" operator is given a middling
precedence, below that of e.g. "==". And that makes me wonder about an
expression like
!(A) == B
Since == has higher precedence than !, it will grab the (A) before the ! can,
and the expression is effectively "!(A == B)"; if you mean to do it the other
way, you need to write "(!(A)) == B". But that looks silly. It makes me doubt
that the semantic meaning is so divorced from the syntactic rule, and leads me
to think the ABNF is taking another descriptive short cut.
Does '!' really always need to be followed by '('?
cheers,
Douglas
More information about the cifs-protocol
mailing list