Aiming for a better DOS attributes emulation

Nick Demou ndemou at enlogic.gr
Mon May 21 08:23:20 GMT 2001


Hi all,

I've just made some extensive testings regarding the mapping of read only and archive attributes by samba and came up with some observations and a suggestion which I believe this list could be interested in. 

(All observetions regard samba 2.2.0 and specificaly shares were more than one users logon keeping their identity - i.e. no "force user" setting aplies)

1) When someone creates a directory which is suposed to be writeable by the owner and the group and then the same user trys to set the "read only" attribute this funny thing hapens:
The owner W bit REMAINS set while the group W bit is cleared. After that there is no way to setback the group W bit from DOS/windows environment (that's why I regard this as a bug).

Here are the settings I believe are relevant
    directory mask       = 0770
    force directory mode = 0000
    dos filemode = yes

2) even if one sets the dos filemode = yes for a share there will be a diference in the way that DOS/Windows handle the attributes and the way samba does:
if a non-owner that has write acces to a file tries to set the read only attribute he will succeed BUT if imidietly after the same user will try to clear it he wont be able (since he has no more write-access any more!). Again ONLY the owner of the file can clear the read only flag (as was the case prior to dos filemode=yes). Some bizar windows programs may be affected by this behaviour (programers write strange things sometimes ;-) and some say windows one's do even stranger).

3) if a file is marked as readonly then again only the owner will be able to change the archive bit. Right now I can't tell how could this affect DOS/windows backup programs. A quick thought: it would mean that a read only file that has it's archive set (little unusual but surely possible) would always get backed up again and again.

4) the archive bit never gets set in directories (the same smbconf settings aply) I believe this is not so important. I only mention it because the manual doesn't clarify this issue and I don't know of what usage the folder's archive bit is for DOS (my backup program seems to ignore it, it only checks the files archive bit).

My suggestion:
DOS was never made to be multiuser so the read only attribute has little resemblance with unix W bit. By sucrifising a little bit of security things could work out in samba the way they would in a DOS filesystem:

There should be 3 levels of DOS filesystem emulation:
Level 0 : 
    as is until now (in v2.2.0)
Level 1 : 
    who ever has bit R set can also change the owner X bit (archive flag). This will benefit users that relay on DOS backup programs whithout compromising security at all (OK some non authorised fool could set the owner eXecutable bit but this has no security risk)
Level 2 : 
    who ever has bit R set has write access too. I.e. the W bit looses its normal UNIX meaning and becomes just a repository for the readonly flag. The R bit gets a new meaning "1 = has full access, 0 = has no access". There of course 2 drawbacks. The 1st one is that we can't have real readonly files but there are a lot of applications were either full or none access is given. In such cases one could benefit by the full emulation of DOS attributes. The second one is that the rights a user has if he will login as a unix user (eg telneting to the samba server) are less that the ones he has as a network user.

I hope that this modification could be easily implemented. 

Thank you all for your work which helps us a lot,

Nick
-------------- next part --------------
HTML attachment scrubbed and removed


More information about the samba-technical mailing list