[PATCH] Maintain DOS attributes of externally copied file
Tim Potter
tpot at valinux.com
Wed Aug 8 01:09:02 GMT 2001
On Tue, Aug 07, 2001 at 06:05:14PM -0700, ZINKEVICIUS,MATT (HP-Loveland,ex1) wrote:
> > So what changes would be made by this daemon? Am I right in
> > guessing it's
> > POSIX ACLs?
>
> The daemon calls a tool which copies/removes the security descritor for that
> file. Not using POSIX ACLs, but true NT security descriptors (and DOS
> attributes), which are stored in a database. Filesystems with extended
I've got a feeling that this is how NT works as well. I think it has a
thread that updates security descriptors on disk after you perform updates
over the network. I was seeing some fairly bizzare behaviour when writing
smbcacls - doing a read of a newly set ACL immediately after it has been
set usually fails. If you wait a few seconds then everything is OK.
> copied/deleted along with the file. Samba then uses these security
> descriptors to enforce security rather than the current model of using unix
> permissions, which makes the server much more compatible(*) in NT
> environments.
Neat - I wonder if/how far this can be put in to the kernel? I suspect
quite a bit of work would be involved abstracting the rwx permission
model out so another one can be plugged in.
Tim.
More information about the samba-technical
mailing list