Evaluating Windows Security Descriptors.

simo idra at samba.org
Wed Dec 19 03:41:23 GMT 2007

On Tue, 2007-12-18 at 13:33 -0600, Christopher R. Hertel wrote:
> So...  Let's say I've got a file system that can store (one way or 'nother)
> Windows style Security Descriptors with all of the CACLs and DACLs and SIDs
> and such-like.
> Having that information isn't very useful unless I can enforce Windows-style
> access controls (through a custom VFS layer).  My question:  Is there code
> in Samba4 that can interpret (and, therefore, enforce) Windows access controls?

I think you should try, if at all possible, to do that in the kernel,
that's its function.

> This all goes back to a question I asked several months ago about building a
> VFS layer that could store, access, and interpret Windows ACLs.

For the rest I think Volker has a good answer.


Simo Sorce
Samba Team GPL Compliance Officer <simo at samba.org>
Senior Software Engineer at Red Hat Inc. <ssorce at redhat.com>

More information about the samba-technical mailing list