[cifs-protocol] [EXTERNAL] [MS-DTYP] meaning of ACCESS_*_CALLBACK_OBJECT_ACE - TrackingID#2309250040000032
Tom Jebo
tomjebo at microsoft.com
Mon Sep 25 00:15:26 UTC 2023
[dochelp to bcc]
[support mail to cc]
Hi Douglas,
Thanks for your request regarding MS-DTYP. One of the Open Specifications team members will respond to assist you. In the meantime, we’ve created case 2309250040000032 to track this request. Please leave the case number in the subject when communicating with our team about this request.
Best regards,
Tom Jebo
Microsoft Open Specifications Support
-----Original Message-----
From: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Sent: Sunday, September 24, 2023 4:36 PM
To: Interoperability Documentation Help <dochelp at microsoft.com>; cifs-protocol at lists.samba.org
Subject: [EXTERNAL] [MS-DTYP] meaning of ACCESS_*_CALLBACK_OBJECT_ACE
hi Dochelp,
The interpretation of ACCESS_ALLOWED_CALLBACK_OBJECT_ACE and ACCESS_DENIED_CALLBACK_OBJECT_ACE is not really explained in MS-DTYP.
Section 2.4.4.17.3 says what to do for ordinary allow and deny conditional ACEs, but not for the object types.
My current assumption for an allow callback ACE goes like this:
1. Test the condition on the ACE
2a. if it is true, treat the ACE as if it is an ACCESS_ALLOWED_OBJECT_ACE.
2b. if it is unknown/false, ignore the ACE.
and correspondingly in the DENY case, with UNKNOWN being treated as "true".
is that correct?
cheers,
Douglas
More information about the cifs-protocol
mailing list