Problems with the lack of a real RO bit with Samba ...
John E. Malmberg
wb8tyw at qsl.net
Thu Feb 20 02:41:40 GMT 2003
Richard Sharpe wrote:
> On Wed, 19 Feb 2003, Ken Cross wrote:
>
>>Yes, it could have significant impact. Is there are problem with the
>>current way it's set (RO == owner "r" mode)?
That does not match the way it works on an NT server. And there is a
significant difference.
> In our file system, UNIX permission bits are synthesized from ACLs on the
> file objects :-)
>
> Can you give me an idea of the 'significant impact'?
>
> I am trying to convince our file system guys that we need a separate RO
> attribute to accompany the other attributes (like Hidden, System, etc).
RO is special. On Windows NT, It has precedence over all other
attributes. Even "Administrator" access can not override RO.
So for the filesystem to work correctly with SAMBA as PC users would
expect, not only do you need a RO permision, you need logic to make sure
that it overrides all other ACLs that would otherwise grant write access.
It is probably sufficient to leave that "root" can override readonly,
but nothing else should be able to, or it will not function as PC users
expect.
I am assuming that this is a LINUX filesystem that you are designing?
-John
wb8tyw at qsl.network
Personal Opinion Only
More information about the samba-technical
mailing list