[cifs-protocol] [EXTERNAL] [MS-DTYP] 2.5.1.1 another SDDL syntax ABNF inaccuracy - TrackingID#2302020040006024

Kristian Smith Kristian.Smith at microsoft.com
Sat Feb 4 01:00:30 UTC 2023 

Thanks for the quick reply, and yes, the example does have more than parentheses than the spec requires. My guess would be that it's to provide additional clarity to see which operation is intended to have precedence.

I'll go ahead and close this one out.

Have a great weekend and please let us know if you come across any other inconsistencies.

Thanks,
Kristian

-----Original Message-----
From: Douglas Bagnall <douglas.bagnall at catalyst.net.nz> 
Sent: Friday, February 3, 2023 4:31 PM
To: Kristian Smith <Kristian.Smith at microsoft.com>; cifs-protocol at lists.samba.org
Cc: Microsoft Support <supportmail at microsoft.com>
Subject: Re: [EXTERNAL] [MS-DTYP] 2.5.1.1 another SDDL syntax ABNF inaccuracy - TrackingID#2302020040006024

hi Kristian,

I don't actually think I have a question about the parentheses any more.

It was just that the SDDL is parenthesis-heavy by convention, and I assumed they might be required more than is implied by that ABNF. However "2.5.1.3 Parentheses and Order of Precedence" says they are not. Examples 2 and 3 have more parentheses than necessary, but that is not a bad thing.

Thanks for the doc change.

Douglas


On 4/02/23 11:22, Kristian Smith wrote:
> Hi Douglas,
> 
> With regards to the "term" actually being a "cond-expr", you are 
> correct. I will submit a document change, and you'll see it propagate in a future release.
> 
> As far as the parentheses are concerned, are you curious why the they 
> are required at the end at the end but nowhere else? Just hoping to 
> confirm the question.
> 
> cond-expr = term /
>                 cond-expr [wspace] ("||" / "&&" ) [wspace] cond-expr /
>                 (["!"] [wspace] *"(" cond-expr ")"*)
> 
> Regards,
> 
> Kristian
> 
> Kristian Smith
> 
> Support Escalation Engineer
> 
> Windows Open Spec Protocols
> 
> Office: (425) 421-4442
> 
> kristian.smith at microsoft.com <mailto:kristian.smith at microsoft.com>
> 
> *From:* Kristian Smith
> *Sent:* Thursday, February 2, 2023 9:58 AM
> *To:* Douglas Bagnall <douglas.bagnall at catalyst.net.nz>;
> cifs-protocol at lists.samba.org
> *Cc:* Microsoft Support <supportmail at microsoft.com>
> *Subject:* RE: [EXTERNAL] [MS-DTYP] 2.5.1.1 another SDDL syntax ABNF 
> inaccuracy
> - TrackingID#2302020040006024
> 
> [Jeff to Bcc]
> 
> Hi Douglas,
> 
> Thanks for reaching out. I'll be looking into this ABNF issue you've presented. 
> I'll get back to you once I have more information.
> 
> Thanks,
> 
> Kristian
> 
> Kristian Smith
> 
> Support Escalation Engineer
> 
> Windows Open Spec Protocols
> 
> Office: (425) 421-4442
> 
> kristian.smith at microsoft.com <mailto:kristian.smith at microsoft.com>
> 
> *From:* Jeff McCashland (He/him) <jeffm at microsoft.com 
> <mailto:jeffm at microsoft.com>>
> *Sent:* Thursday, February 2, 2023 7:32 AM
> *To:* Douglas Bagnall <douglas.bagnall at catalyst.net.nz 
> <mailto:douglas.bagnall at catalyst.net.nz>>; 
> cifs-protocol at lists.samba.org <mailto:cifs-protocol at lists.samba.org>
> *Cc:* Microsoft Support <supportmail at microsoft.com 
> <mailto:supportmail at microsoft.com>>
> *Subject:* Re: [EXTERNAL] [MS-DTYP] 2.5.1.1 another SDDL syntax ABNF 
> inaccuracy
> - TrackingID#2302020040006024
> 
> [DocHelp to BCC, support on CC, SR ID on Subject]
> 
> Hi Douglas,
> 
> Thanks for your question. One of the Open Specifications team members 
> will respond to assist you. In the meantime, we've created case 
> 2302020040006024 to track this request. Please leave the case number 
> in the subject when communicating with our team about this request.
> 
> Best regards,*
> /Jeff M/**/^c /**/Cashland (He/him) /**| Senior Escalation Engineer/| 
> Microsoft/****Protocol Open Specifications Team *
> 
> Phone: +1 (425) 703-8300 x38300 | Hours: 9am-5pm | Time zone: 
> (UTC-08:00) Pacific Time (US and Canada)
> 
> Local country phone number found here: 
> https://nam06.safelinks.protection.outlook.com/?url=http%3A%2F%2Fsuppo
> rt.microsoft.com%2Fglobalenglish&data=05%7C01%7CKristian.Smith%40micro
> soft.com%7C9f6359c446e743cebfc608db06471117%7C72f988bf86f141af91ab2d7c
> d011db47%7C1%7C0%7C638110674529892545%7CUnknown%7CTWFpbGZsb3d8eyJWIjoi
> MC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7
> C%7C&sdata=f%2Bjag7%2B3O9janjkth8LbzRcNhzzEUQ2UhypjuSGupfw%3D&reserved
> =0 
> <https://nam06.safelinks.protection.outlook.com/?url=http%3A%2F%2Fsupp
> ort.microsoft.com%2Fglobalenglish&data=05%7C01%7CKristian.Smith%40micr
> osoft.com%7C9f6359c446e743cebfc608db06471117%7C72f988bf86f141af91ab2d7
> cd011db47%7C1%7C0%7C638110674529892545%7CUnknown%7CTWFpbGZsb3d8eyJWIjo
> iMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%
> 7C%7C&sdata=f%2Bjag7%2B3O9janjkth8LbzRcNhzzEUQ2UhypjuSGupfw%3D&reserve
> d=0>| Extension 1138300
> 
> ----------------------------------------------------------------------
> ----------
> 
> *From:*Douglas Bagnall <douglas.bagnall at catalyst.net.nz 
> <mailto:douglas.bagnall at catalyst.net.nz>>
> *Sent:* Thursday, February 2, 2023 2:24 AM
> *To:* Interoperability Documentation Help <dochelp at microsoft.com 
> <mailto:dochelp at microsoft.com>>; cifs-protocol at lists.samba.org 
> <mailto:cifs-protocol at lists.samba.org> <cifs-protocol at lists.samba.org 
> <mailto:cifs-protocol at lists.samba.org>>
> *Subject:* [EXTERNAL] [MS-DTYP] 2.5.1.1 another SDDL syntax ABNF 
> inaccuracy
> 
> hi Dochelp,
> 
> I think this bit is wrong in the SDDL ABNF. We have (with irrelevant 
> bits
> omitted):
> 
>     conditional-ace = ... ";" "(" cond-expr ")" ")"
> 
>     cond-expr = term /
>                 term [wspace] ("||" / "&&" ) [wspace] cond-expr /
>                 (["!"] [wspace] "(" cond-expr ")")
> 
> 
> which says a conditional expression compounded with '&&' or '||' can 
> only have a simple term on the left hand side. That doesn't seem 
> right, nor is it in keeping with the text.
> 
> Not least of all, examples 2 and 3 in 2.4.4.17.9 have compound 
> expressions on either side of a central operator, like so:
> 
>     (@User.smartcard==1 || @Device.managed==1) && (@Resource.dept
> Any_of{"Sales","HR"})
> 
> My belief is the example is correct and the ABNF is wrong. It should 
> probably say something  more like this:
> 
>     cond-expr = term /
>                 cond-expr [wspace] ("||" / "&&" ) [wspace] cond-expr /
>                 (["!"] [wspace] "(" cond-expr ")")
> 
> 
> though that doesn't explain when you need parentheses and when you don't.
> 
> Douglas
>

More information about the cifs-protocol mailing list