Aiming for a better DOS attributes emulation

Simo Sorce idra at samba.org
Mon May 21 09:27:13 GMT 2001


Well, thinking about this problem, I got this idea:
on POSIX ACL enabled file-systems we have the possibility to add
more users' permissions.
So the idea is to make a global option like:
dosbits user = dosbits
and have admins create this user (dosbits);
then add this user into the ACL of the files and use its permission bits
to store readonly and archive flags.
As not all filesystems will have ACLs we will also add a per share option:
acl dosbits = yes/no (default to no)

What do you think?

Simo.


On Mon, May 21, 2001 at 11:23:20AM +0300, Nick Demou wrote:
> Hi all,
> 
> I've just made some extensive tests regarding the mapping of read only and archive attributes by samba and came up with some observations and a suggestion which I believe this list could be interested in.
> 
> (All observations regard samba 2.2.0 and specifically shares where more than one user logs on keeping their identity - i.e. no "force user" setting applies)
> 
> 1) When someone creates a directory which is supposed to be writeable by the owner and the group and then the same user tries to set the "read only" attribute this funny thing happens:
> The owner W bit REMAINS set while the group W bit is cleared. After that there is no way to set back the group W bit from the DOS/windows environment (that's why I regard this as a bug).
> 
> Here are the settings I believe are relevant
>     directory mask       = 0770
>     force directory mode = 0000
>     dos filemode = yes
> 
> 2) even if one sets dos filemode = yes for a share there will be a difference in the way that DOS/Windows handle the attributes and the way samba does:
> if a non-owner that has write access to a file tries to set the read only attribute he will succeed BUT if immediately after the same user tries to clear it he won't be able to (since he has no write access any more!). Again ONLY the owner of the file can clear the read only flag (as was the case prior to dos filemode=yes). Some bizarre windows programs may be affected by this behaviour (programmers write strange things sometimes ;-) and some say windows ones do even stranger).
> 
> 3) if a file is marked as readonly then again only the owner will be able to change the archive bit. Right now I can't tell how this could affect DOS/windows backup programs. A quick thought: it would mean that a read only file that has its archive bit set (a little unusual but surely possible) would always get backed up again and again.
> 
> 4) the archive bit never gets set on directories (the same smb.conf settings apply). I believe this is not so important. I only mention it because the manual doesn't clarify this issue and I don't know what use the folder's archive bit has for DOS (my backup program seems to ignore it, it only checks the files' archive bit).
> 
> My suggestion:
> DOS was never made to be multiuser so the read only attribute has little resemblance to the unix W bit. By sacrificing a little bit of security things could work out in samba the way they would in a DOS filesystem:
> 
> There should be 3 levels of DOS filesystem emulation:
> Level 0 : 
>     as is until now (in v2.2.0)
> Level 1 : 
>     whoever has bit R set can also change the owner X bit (archive flag). This will benefit users that rely on DOS backup programs without compromising security at all (OK some non authorised fool could set the owner eXecutable bit but this has no security risk)
> Level 2 : 
>     whoever has bit R set has write access too. I.e. the W bit loses its normal UNIX meaning and becomes just a repository for the readonly flag. The R bit gets a new meaning "1 = has full access, 0 = has no access". There are of course 2 drawbacks. The 1st one is that we can't have real readonly files but there are a lot of applications where either full or no access is given. In such cases one could benefit from the full emulation of DOS attributes. The second one is that the rights a user has if he logs in as a unix user (eg telneting to the samba server) are less than the ones he has as a network user.
> 
> I hope that this modification could be easily implemented.
> 
> Thank you all for your work which helps us a lot,
> 
> Nick

-- 
Simo Sorce
------------------------------
 Unix IS user friendly, it is just selective about who his friends are.
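The following is an added example, not code from either message or from Samba itself. It is a small Python model of the behaviour the thread discusses: the classic mapping of the DOS read-only flag onto the owner write bit and the archive flag onto the owner execute bit ("map archive") under "dos filemode = yes", Nick's proposed level 1 and level 2 rules, and Simo's idea of parking both flags in the ACL entry of a dedicated "dosbits" user. Everything about the dosbits entry beyond the thread's description is an assumption of the model: the uid 9999, the choice of the r bit for read-only and the w bit for archive, and the rule that any current writer may change the flags. The `demo()` function replays the reported observations on constructed files so the trade-offs can be compared side by side.

```python
"""Constructed model of the DOS read-only/archive mapping discussed in this thread (not
Samba code): classic owner-W/owner-X mapping, Nick's levels 1 and 2, Simo's dosbits idea."""
import stat
from dataclasses import dataclass, field

DOS_READONLY = 0x01   # FILE_ATTRIBUTE_READONLY
DOS_ARCHIVE = 0x20    # FILE_ATTRIBUTE_ARCHIVE
DOSBITS_UID = 9999    # uid of the hypothetical "dosbits" account (constructed, not from the thread)

@dataclass
class File:
    owner: int
    group: int
    mode: int                                # Unix permission bits
    acl: dict = field(default_factory=dict)  # extra POSIX ACL user entries: uid -> rwx

@dataclass(frozen=True)
class Principal:
    uid: int
    gids: frozenset

def class_bits(f, p):
    """Plain Unix class selection: owner, else group, else other."""
    if p.uid == f.owner:
        return (f.mode >> 6) & 7
    return (f.mode >> 3) & 7 if f.group in p.gids else f.mode & 7

def may_write(f, p, level=0):
    bits = class_bits(f, p)
    if level == 2:   # R alone grants access; the owner W bit is only the read-only flag store
        return bool(bits & 4) and bool(f.mode & stat.S_IWUSR)
    return bool(bits & 2)

def dos_attrs(f):
    """Classic mapping: read-only <=> owner W clear, archive <=> owner X set ("map archive")."""
    ro = 0 if f.mode & stat.S_IWUSR else DOS_READONLY
    return ro | (DOS_ARCHIVE if f.mode & stat.S_IXUSR else 0)

def may_change_attr(f, p, attr, level=0):
    """Who may flip a flag under each level; level 0 is "dos filemode = yes" as reported."""
    if p.uid == f.owner:
        return True
    bits = class_bits(f, p)
    if level == 2 or (level == 1 and attr == DOS_ARCHIVE):
        return bool(bits & 4)    # readers: full access (level 2) or archive only (level 1)
    return may_write(f, p)       # non-owners only while they can still write

def set_dos_attr(f, p, attr, on, level=0):
    """Apply a flag change through the mode bits and return the new mode."""
    if not may_change_attr(f, p, attr, level):
        raise PermissionError(f"uid {p.uid} may not change attribute {attr:#x}")
    if attr == DOS_READONLY and on:
        f.mode &= ~(stat.S_IWUSR | stat.S_IWGRP | stat.S_IWOTH)  # nobody may write
    elif attr == DOS_READONLY:
        f.mode |= stat.S_IWUSR   # only the flag store returns: a cleared group W stays lost
    elif on:
        f.mode |= stat.S_IXUSR
    else:
        f.mode &= ~stat.S_IXUSR
    return f.mode

# Simo's proposal: leave the real mode bits alone and keep the flags in the ACL entry of a
# "dosbits" user.  Bit assignment (r = read-only, w = archive) and the rule that any current
# writer may change the flags are assumptions of this model, not stated in the thread.
def dosbits_attrs(f):
    bits = f.acl.get(DOSBITS_UID, 0)
    return (DOS_READONLY if bits & 4 else 0) | (DOS_ARCHIVE if bits & 2 else 0)

def set_dosbits_attr(f, p, attr, on):
    if p.uid != f.owner and not may_write(f, p):
        raise PermissionError(f"uid {p.uid} may not change dosbits")
    flag = 4 if attr == DOS_READONLY else 2
    bits = f.acl.get(DOSBITS_UID, 0)
    f.acl[DOSBITS_UID] = (bits | flag) if on else (bits & ~flag)
    return dosbits_attrs(f)

def demo():
    """Replay the thread's observations on constructed files and return the outcomes."""
    owner = Principal(1000, frozenset({100}))
    peer = Principal(1001, frozenset({100}))    # same group, not the owner
    out = {}
    f = File(1000, 100, 0o770)                  # observation 1: group W does not come back
    set_dos_attr(f, owner, DOS_READONLY, True)
    set_dos_attr(f, owner, DOS_READONLY, False)
    out["group_w_after_roundtrip"] = bool(f.mode & stat.S_IWGRP)
    f = File(1000, 100, 0o660)                  # observation 2: the peer locks itself out
    set_dos_attr(f, peer, DOS_READONLY, True)
    out["peer_can_clear_readonly"] = may_change_attr(f, peer, DOS_READONLY)
    f = File(1000, 100, 0o440)                  # observation 3 vs. level 1, then level 2
    out["peer_archive_level0"] = may_change_attr(f, peer, DOS_ARCHIVE, level=0)
    out["peer_archive_level1"] = may_change_attr(f, peer, DOS_ARCHIVE, level=1)
    out["peer_write_level2_readonly"] = may_write(f, peer, level=2)
    set_dos_attr(f, peer, DOS_READONLY, False, level=2)
    out["peer_write_level2_cleared"] = may_write(f, peer, level=2)
    f = File(1000, 100, 0o770)                  # dosbits: flags round-trip, mode untouched
    set_dosbits_attr(f, peer, DOS_READONLY, True)
    set_dosbits_attr(f, peer, DOS_ARCHIVE, True)
    out["dosbits_attrs"] = dosbits_attrs(f)
    set_dosbits_attr(f, peer, DOS_READONLY, False)
    out["dosbits_mode_unchanged"] = f.mode == 0o770
    return out
```

Running `demo()` shows the two sides of the thread in one place: through the mode bits, a read-only round trip drops the group write bit for good and a non-owner who sets read-only can no longer clear it, while at level 2 a plain reader can clear it and then write. With the flags held in the dosbits ACL entry, the real mode bits never move, so the round trip is lossless and the owner/non-owner asymmetry disappears; the cost, as Simo notes, is that it only works on ACL-capable filesystems.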