[cifs-protocol] [MS-SMB2] allow read based on FILE_EXECUTE permission
uri at samba.org
Sun Jul 31 17:44:45 UTC 2016
This question concerns the right to read from a file opened with
FILE_EXECUTE but without FILE_READ_DATA in the desired access mask.
According to [MS-SMB2] section section 126.96.36.199, about how to process a
If Open.GrantedAccess does not allow for FILE_READ_DATA, the request
MUST be failed with STATUS_ACCESS_DENIED.
However, testing against Windows Server 2012R2 shows that if
FILE_EXECUTE is granted instead of FILE_READ_DATA, the read is also
allowed (I suppose this has to do with running executables...)
The attached tcpdump packet trace demonstrates that - in packet 22, EOF
is returned instead of ACCESS_DENIED.
Can you please clarify?
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 5090 bytes
Desc: not available
More information about the cifs-protocol