[PATCH] Maintain DOS attributes of externally copied file
ZINKEVICIUS,MATT (HP-Loveland,ex1)
matt_zinkevicius at hp.com
Wed Aug 8 01:40:23 GMT 2001
> I've got a feeling that this is how NT works as well. I
> think it has a
> thread that updates security descriptors on disk after you
> perform updates
> over the network. I was seeing some fairly bizzare behaviour
> when writing
> smbcacls - doing a read of a newly set ACL immediately after
> it has been
> set usually fails. If you wait a few seconds then everything is OK.
Possible. I think more likely it is still distributing inherited ACLs, which
can take a relatively long time (but this usually blocks the process who set
the ACL). Does this read failure happen on both NT4 and W2K?
> Neat - I wonder if/how far this can be put in to the kernel?
> I suspect
> quite a bit of work would be involved abstracting the rwx permission
> model out so another one can be plugged in.
Yuch. I am not a fan of NT security; I just implement it :-) NT ACLs being
manipulated in the core layers of the kernel sounds like a very bad idea to
me. A better way to do it would be using a filesystem wrapper or layerable
filesystem, but that's still yuchy (to me anyway). This is purely a userland
problem, and therefore I think the solution should exist in userland (with
kernel assist, ie file-notification).
--Matt
More information about the samba-technical
mailing list