[cifs-protocol] Access check by user x for file y in the context of user z

Horst Reiterer horst.reiterer at mind-breeze.com
Mon Jan 30 23:16:11 GMT 2006


Hi,

My application interacts with file shares via CIFS based on a specific 
user x, a privileged user having access to all shares and data. Now, 
what I would like to do while being connected as user x is checking 
whether user z has access to file y based on share and object ACLs (e.g. 
by performing an open in the context of user z). Is there any way to 
accomplish that with the CIFS protocol?

Windows environments provide a way to impersonate a given user on a per 
thread basis. I assume that, if a thread was accessing a CIFS share and 
impersonated a user, the CIFS server would take that into consideration 
by changing the context accordingly. If that scenario works, what SMBs 
are involved here? Would the same work with Samba as a CIFS server?

Thanks in advance for any hints in this respect!

Cheers,

Horst.


More information about the cifs-protocol mailing list