[jcifs] NTLM HTTP Filter Authenticates All Users Regardless
ofJCIFSACL Permissions
John Fletcher
jfletcher at latitudegeo.com
Mon Nov 1 21:56:46 GMT 2004
> > <snip>
> > >I just fixed this. It actually surprised me a little to learn how
> > >feable ACL access control on Windows shares is. With
> Windows NT 4.0
> > >at least you can mount a share as any authenticated user regardless
> >
> > >of how the ACL is set. Now that wouldn't be that bad if
> you could not
> > >access anything withing it but you can query the existance and
> > >attributes of a file or directory if you know it's path
> regardless of
> > >how the ACL is set! I had to resort to trying to
> > >*listing* the contents of the share. That causes Access
> Denied if the
> > >user is not listed in the ACL.
> >
> > >Humph!
> >
> > >The fix will be in the next release RSN.
> >
> > >Mike
I've tested the logonShare option in version 1.1.1, and it works as
expected. Thanks for the fix Mike!
John
More information about the jcifs
mailing list