[linux-cifs-client] patch to fix an error during set security
descriptor
Shirish Pargaonkar
shirishpargaonkar at gmail.com
Mon Feb 11 14:47:17 GMT 2008
On Feb 11, 2008 8:23 AM, Dave Kleikamp <shaggy at linux.vnet.ibm.com> wrote:
>
>
> On Mon, 2008-02-11 at 00:27 -0600, Shirish Pargaonkar wrote:
> > As per current implementation of chmod, cifs client send a security descriptor
> > consisting of three aces in a dacl, owner, group, and other.
> > There is bug i.e. the allocated size to build security descriptor
> > utilizes the size
> > obtained during get security descriptor. This size can be smaller as the
> > file may have less than three aces in which case the allocated size of
> > security descriptor to set is inadequate.
> > This fix allocates a minimum size needed to build the largest possible
> > security descriptor containing three aces.
>
> minimum size? It sounds more like a maximum size. Minimum would imply
> that the size could get bigger.
>
> Shaggy
> --
> David Kleikamp
> IBM Linux Technology Center
>
>
Shaggy,
No, I think it would be minimum size for chmod as per the current design.
When it comes to POSIX ACLs to NTFS ACLs mapping later on, we could be
sending DACL consisting of more than three ACEs.
And I should be calling DEFSECDESCLEN instead of MINDACLLEN
as it is (default) security descriptor length, not just (minimum) DACL length.
Regards,
Shirish
More information about the linux-cifs-client
mailing list