ACL implementation first draft

Volker Lendecke Volker.Lendecke at SerNet.DE
Tue Apr 7 09:22:38 GMT 2009

On Tue, Apr 07, 2009 at 11:59:12AM +0300, Anatoliy Atanasov wrote:
> I uploaded our work on ACL implementation at:
> git://
> branch: master-acl
> It is based on WSPP documentation and it follows the algorithms described there directly.
> The code isn't working, but contains almost all the functionality required for this task.
> There are a couple of test cases already added, which run against Windows 2003.
> What we didn't implement yet is: 
> * rename
> * delete tree
> * some special cases of nTSecurityDescriptor
> In the following days to SambaXP we plan to focus on:
> * your feedback
> * adding test cases
> * testing the code 

Quick and probably stupid question: Is it really necessary
to add another argument to se_access_check? I would think
this routine is core to Windows as well, and I thought the
way it's written is pretty much carved in stone. Did
Microsoft really add an AD-specific argument to that core
routine? For this piece, I would really like to do exactly
what Microsoft does.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url :

More information about the samba-technical mailing list