[PATCH] Maintain DOS attributes of externally copied file

Tim Potter tpot at valinux.com
Wed Aug 8 01:09:02 GMT 2001

On Tue, Aug 07, 2001 at 06:05:14PM -0700, ZINKEVICIUS,MATT (HP-Loveland,ex1) wrote:

> > So what changes would be made by this daemon?  Am I right in 
> > guessing it's
> The daemon calls a tool which copies/removes the security descritor for that
> file. Not using POSIX ACLs, but true NT security descriptors (and DOS
> attributes), which are stored in a database. Filesystems with extended

I've got a feeling that this is how NT works as well.  I think it has a
thread that updates security descriptors on disk after you perform updates
over the network.  I was seeing some fairly bizzare behaviour when writing
smbcacls - doing a read of a newly set ACL immediately after it has been
set usually fails.  If you wait a few seconds then everything is OK.

> copied/deleted along with the file. Samba then uses these security
> descriptors to enforce security rather than the current model of using unix
> permissions, which makes the server much more compatible(*) in NT
> environments.

Neat - I wonder if/how far this can be put in to the kernel?  I suspect
quite a bit of work would be involved abstracting the rwx permission 
model out so another one can be plugged in.


More information about the samba-technical mailing list