NT ACL / Security descriptor checking function

David Collier-Brown davecb at canada.sun.com
Fri Feb 11 13:53:19 GMT 2000

 On Fri, 11 Feb 2000, Michael Stockman wrote:
> > I still think the concept of ACLs haven't been covered completely yet,
> > but maybe the basic structure is clear enough to make something to
> > look at (I reserve the right to continue discussion).
Luke Kenneth Casson Leighton wrote:
> > :) oh good.

	If you live in the States or Canada, you used to be able
	to get a copy of the "Grey Book" by writing and asking
	for one.  Now it apparently costs $3.00... I have a
	copy at home...

	The grey book explains the security guy's study of
	mapping ACLs to unix permission bits. It's wordy
	and boring, but they did a very **thorough** job.

	Aha! found it on-line:

	If you want background information on ACLs, the
	Discretinary Access Control in Trusted Systems
	book is there too. Same caveats!

--dave (former Multician and, later, Professional Paranoid) c-b
David Collier-Brown,  | Always do right. This will gratify some people
185 Ellerslie Ave.,   | and astonish the rest.        -- Mark Twain
Willowdale, Ontario   | //www.oreilly.com/catalog/samba/author.html
Work: (905) 415-2849 Home: (416) 223-8968 Email: davecb at canada.sun.com

More information about the samba-technical mailing list