NT file-permissions

Cole, Timothy D. timothy_d_cole at md.northgrum.com
Tue Jul 20 16:22:07 GMT 1999

Hrm; are you talking about "faking" full ACLs in Samba itself (probably
using metadata stored in files someplace), or simply supporting (exposing)
native ACLs on those Unices that have them?

I'm don't think the former is a good idea:  it causes the burden of access
control to fall on Samba, rather than the OS.  Among other things, that
would allow (indeed, require, if the underlying OS did not support ACLs) the
access granted by Samba and the OS to get out of sync.

The latter, however, is probably a good idea.  Note that, as there is no
apparent standard for ACL implementations under Unix, a separate
implementation is needed for each OS.  I've been playing with some ideas for
an HP-UX implementation, myself.  Probably what's needed first is a set of
generic utility functions to get/set NT ACLs on Unix files, with the actual
implementation varying depending on the host OS.

> -----Original Message-----
> From:	raupach at cs-consulting.de [SMTP:raupach at cs-consulting.de]
> Sent:	Tuesday, July 20, 1999 10:51
> To:	Multiple recipients of list SAMBA-TECHNICAL
> Subject:	NT file-permissions
> Hi, ......
> In 2.0.4 the UNIX file-permissions are mapped to NT permissions. Is it
> possible to have the
> full NT file-permissions on samba? Is it planed to do this? Who is working
> on this feature? Can I help to
> realise this ?
> ------
>    Oliver Raupach

More information about the samba-technical mailing list