[cifs-protocol] MS-SMB2/MS-FSA: setting SD inherited ACL flag "... - TrackingID#2105100040001378

Ralph Boehme slow at samba.org
Mon May 17 14:06:29 UTC 2021

Hi Obaid,

Am 5/12/21 um 8:26 PM schrieb Obaid Farooqi:
> What you are describing is documented in MS-DTYP section "2.4.6
> " DC |  Set when the DACL is to be computed through inheritance. When both
> DC and DI DACL Computed Inheritance Required      |  are set, the
> resulting security descriptor sets DI; the DC setting is not
> preserved. " 
> https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-dtyp/7d4dac05-9cef-4563-a058-f108abecce1d
>  Please let me know if this does not answer your question.

thanks for looking into this!

Well, I still find it a bit mind-boggling to align MS-FSA 
(which I read as "object store applies SD *as is*") with MS-DTYP 2.4.6.

But I certainly now do understand the intended behaviour so you can 
close this case. Thanks to the cifs-protocol list archives the issue is 
now clearly documented for anyone who stumbles across this in the future. :)


Ralph Boehme, Samba Team                https://samba.org/
Samba Developer, SerNet GmbH   https://sernet.de/en/samba/
GPG-Fingerprint   FAE2C6088A24252051C559E4AA1E9B7126399E46

-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 840 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/cifs-protocol/attachments/20210517/b1edbb6a/OpenPGP_signature.sig>

More information about the cifs-protocol mailing list