can_delete & can_write_to_file
christophk at cip.wiwi.uni-karlsruhe.de
Mon Jun 20 10:38:56 GMT 2005
during testing my vfs module (i hope i find the time to put the first
bits of it onto sourceforge this week) i encountered some problems with the functions: can_write_to_file and can_delete_file_in_directory. They pretend to emulate in-kernel access checks, but take only mode bits and posix acls into
account. Wouldn't it be wise to move these functions into the vfs, so you
could override it for other right-semantics?
Concerning ntacl-lsm: Up to now i found a version of ntacl-lsm that implements only a hook for unlinking files, but does no access check. How do you want to resolve SIDs to UIDs within the kernel?
More information about the samba-technical