ACL / SD support

Luke Kenneth Casson Leighton lkcl at
Sun Feb 13 19:49:25 GMT 2000

On Sun, 13 Feb 2000, Michael Stockman wrote:

> Hello,
> Just though I'd drop a status report and see how you react. I have
> started with the ACL part, and would be happy to proceed also with the
> SD part in a short while (where I can store data that __really__ is
> necessary and __really__ don't belong in an ACL). I'm also very
> pleased that this implmentation so far have got constant size
> structured which allow size to be predicted only knowing the number of
> ACEs.

the idea behind a security descriptor is that it can be attached to an
object, t.

it is the functional equlvalent of uid, gid and ugo-rwx permissions on
files / directories, where files / directories is the object, and uid,gid
and ugo-rwx is the security descriptor.

consider the stat function.  it does not just return an ACL (or
acl-equivalnt -- ugo-rwx), it returns uid+gid too.

More information about the samba-technical mailing list