[cifs-protocol] [Pfif] [REG:111052652308584] [ttalpey at microsoft.com: Reminder -- share secdesc and smb2 echo?]

Obaid Farooqi obaidf at microsoft.com
Tue Jun 28 10:55:53 MDT 2011 

Hi Volker:
The information you gave is sufficient. We are still working on it. I'll be in touch as soon as I have an answer.

Regards,
Obaid Farooqi
Escalation Engineer | Microsoft

-----Original Message-----
From: Volker Lendecke [mailto:Volker.Lendecke at SerNet.DE] 
Sent: Tuesday, June 28, 2011 10:25 AM
To: Obaid Farooqi
Cc: pfif at tridgell.net; cifs-protocol at samba.org; MSSolve Case Email
Subject: Re: [Pfif] [REG:111052652308584] [ttalpey at microsoft.com: Reminder -- share secdesc and smb2 echo?]

Hi!

Any updates here? Is the information I gave you sufficient, or do you need more?

With best regards,

Volker Lendecke

On Sat, Jun 18, 2011 at 07:29:09PM +0200, Volker Lendecke wrote:
> On Fri, Jun 17, 2011 at 08:22:05PM +0000, Obaid Farooqi wrote:
> > It looks like we need the trace to properly answer this question. 
> > I appreciate your help and understanding in this matter.
> 
> Ok. Attached find two screenshots that show the share secdesc on a 
> German XP box (w2k8 behaves the same in this respect). Also find 
> corresponding traces.
> 
> fullcontrol.cap shows that given that vl is owner
> (S-1-5-21-1757981266-1482476501-515967899-1003 is xp\vl) of the file 
> but does not have the WRITE_DAC rights from the secdesc in frame 14. 
> Nevertheless, the owner implicit WRITE_DAC makes the NTCREATE in frame 
> 15 asking for WRITE_DAC succeed.
> 
> change.cap is similar, this time the share secdesc does not grant 
> "full control". You can see in frame 16 that asking for WRITE_DAC is 
> denied. However, setting the secdesc via the NT_TRANSACT_CREATE in 
> frame 11 works. In frame 12 you can see this file was newly created.
> 
> The question is: Why can I set a security descriptor on a newly 
> created file although the share secdesc denies WRITE_DAC?
> 
> Are there other exceptions?
> 
> With best regards,
> 
> Volker Lendecke
> 
> --
> SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
> phone: +49-551-370000-0, fax: +49-551-370000-9 AG Göttingen, HRB 2816, 
> GF: Dr. Johannes Loxen





> _______________________________________________
> Pfif mailing list
> Pfif at mail.tridgell.net
> http://lists.tridgell.net/cgi-bin/mailman/listinfo/pfif


--
SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: +49-551-370000-0, fax: +49-551-370000-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen

More information about the cifs-protocol mailing list