Windows/NFSv4 ACL interoperability
Roche_Francois at emc.com
Roche_Francois at emc.com
Tue Mar 14 16:44:13 GMT 2006
Maybe, but one thing is sure is the API on the client side is checking the
structure. On the other side there is no interpretation of SIDs as long
their structure is correct, the sid could correspond to nothing but the
server accept it.
François
-----Original Message-----
From: Michael B Allen [mailto:mba2000 at ioplex.com]
Sent: mardi 14 mars 2006 17:38
To: Roche, Francois
Cc: tridge at samba.org; christophk at cip.wiwi.uni-karlsruhe.de;
bfields at fieldses.org; Gardere, Daniel; samba-technical at lists.samba.org;
nfsv4 at ietf.org
Subject: Re: Windows/NFSv4 ACL interoperability
On Tue, 14 Mar 2006 06:36:10 -0500
Roche_Francois at emc.com wrote:
> I totally agree with Tridge, it is the client which is doing the
propagation
> down the tree not the server.
> Windows server is doing it only for file/directory creation.
Because security descriptors are not NDR encoded in various RPCs
I strongly suspect that they are not interpreted at all when simply
getting or setting them. They are just binary blobs. You get out
what you put in.
Mike
More information about the samba-technical
mailing list