[jcifs] Security Correctness

Martin D. Pedersen mdp at visanti.com
Tue Jul 25 07:20:50 GMT 2006

Hi Jake

Actually I think this is the correct behaviour.
The reason you can not navigate your way into the file using eg. Windows Explorer is that it WE tries to open the folder to get the list of files. Which is correctly denied. So therefor it can not show you the file.

But if you ask directly for the file eg. using  a small jcifs program or maybe even a direct path in Windows, you will see that the underlaying security system in Windows allows you to access the file.

So bassically it is a problem with the Windows Explorer navigation not the Effective rights of the file.

-- mdp

> -----Original Message-----
> From: jcifs-bounces+mdp=visanti.com at lists.samba.org 
> [mailto:jcifs-bounces+mdp=visanti.com at lists.samba.org] On 
> Behalf Of Jake Goulding
> Sent: 25. juli 2006 00:05
> To: JCIFS List
> Subject: [jcifs] Security Correctness
> I create a folder that is accessible (read/traverse rights) 
> only to group A, then put a file inside that folder that is 
> only readable by user Z (not in A). I then getSecurity() on 
> the file, it will show that Z has read access to the file. 
> However, if user Z actually comes along, she cannot read the 
> file because she cannot traverse into the folder. Is there 
> some way of getting the effective rights of a given file?
> Thanks!
> -- 
> Software Engineer
> goulding at vivisimo.com
> Viví­simo [Search Done Right™]
> 1710 Murray Avenue
> Pittsburgh, PA 15217 USA
> tel: +1.412.422.2499 x105
> fax: +1.412.422.2495
> vivisimo.com      clusty.com

More information about the jcifs mailing list