ACL implementation first draft
Volker Lendecke
Volker.Lendecke at SerNet.DE
Tue Apr 7 09:22:38 GMT 2009
On Tue, Apr 07, 2009 at 11:59:12AM +0300, Anatoliy Atanasov wrote:
> I uploaded our work on ACL implementation at:
> git://repo.or.cz/Samba/aatanasov.git
> branch: master-acl
>
> It is based on WSPP documentation and it follows the algorithms described there directly.
> The code isn't working, but contains almost all the functionality required for this task.
> There are a couple of test cases already added, which run against Windows 2003.
> What we didn't implement yet is:
> * rename
> * delete tree
> * some special cases of nTSecurityDescriptor
>
> In the following days to SambaXP we plan to focus on:
> * your feedback
> * adding test cases
> * testing the code
Quick and probably stupid question: Is it really necessary
to add another argument to se_access_check? I would think
this routine is core to Windows as well, and I thought the
way it's written is pretty much carved in stone. Did
Microsoft really add an AD-specific argument to that core
routine? For this piece, I would really like to do exactly
what Microsoft does.
Volker
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20090407/d68864ef/attachment.bin
More information about the samba-technical
mailing list