Problems with the lack of a real RO bit with Samba ...
John E. Malmberg
wb8tyw at qsl.net
Thu Feb 20 02:41:16 GMT 2003
Richard Sharpe wrote:
<snip>
> Now, Windows has a RO bit and ACLS, and you can have ACLs on the file that
> give everyone WRITE access, while the RO bit gives no one WRITE access.
>
> My question is, is anyone aware of any real application that would be
> confused if the RO bit were synthesized by setting an appropriate ACL on
> the file?
The Windows NT 4.0 "replication" Service is confused by the way that the
RO bit works now. It copies the attribute to the destination
directory, and then has problem because it can not deal with the fact
that it no longer has permission to modify the file, even if it does not
have to change the file. I do not know if Windows 2000 has that feature.
I have seen reports on this list of applications playing with the
Archive bit and getting confused when it does not work right.
The same may be true of the Readonly bit. However since SAMBA is not
doing it the Microsoft Windows way, there will likely be confusion no
matter what you do. I recommend erring on the side of compatability
with Microsoft Windows.
> I am aware that this could mean that if an inappropriate ACL were added to
> the file, perhaps by mistake (when setting ACLs on all files in a tree),
> the RO bit could disappear.
On OpenVMS, You can give some entries in an ACL a "PROTECTED" attribute.
Then it is harder to have such accidents. Of course that makes
"PROTECTED" attributes a pain to work with at times.
-John
wb8tyw at qsl.network
Personal Opinion Only
More information about the samba-technical
mailing list