Posix Extended headers ...

[Tim Potter]

On Tue, Jul 16, 2002 at 04:30:06AM +0930, Richard Sharpe wrote:

> On Mon, 15 Jul 2002, Joerg Schilling wrote:
> 
> [Added Samba-technical so that this discussion can be recorded]

Please speak slowly and clearly into the microphone.

> > >The SEC_DESC contains the Owner SID and the Primary Group SID of the Owner 
> > >of the file, along with the ACL, which can contain both positive ACEs 
> > >(allow) and negative ACEs (deny) as well as AUDIT and something else ACEs.
> > 
> > Mmm, Audit entries on Solaris are kept in the shadow passwd file.
> 
> I think audit entries are similar to positive or negative ACEs, and simply 
> mean that if the specified user/group requested the specified access, 
> write a system log entry.

Yes.  There's an ACE type called SEC_ACE_TYPE_SYSTEM_AUDIT which does
what you describe.  Samba doesn't really support them but you could get
a pretty good idea of how they work and what they do by playing around
with a couple of NT/Win2k systems and ethereal.

> > Having denial ACLs makes it a bit more complex, but if at least the basic
> > idea is the same as with POSIX, then it would be possible to add just two 
> > additional ACL descriptors to the TAR header:
> > 
> > -	Denial default entries (descending information starting from dirs)
> > 
> > -	Denial access entries
> > 
> > These could just look (besides the label) the same as the existing entries.
> 
> That is a neat idea. That would make it work. We would want to record 
> user/group names as DOMAIN\name as well, and UID/GID does not necessarily 
> make sense.

Storing a sid and rid would perhaps be a better way to do it as you may
not be able to resolve the username or domain due to network problems or
that the sid is a foreign sid from a non-trusted domain.


Tim.