How to convert security_descriptor in samba to SECURITY_DESCRIPTOR in NT

Ted zgk_1208 at yahoo.com.cn
Thu Apr 1 07:20:01 MDT 2010


So, you mean that ndr_pull_xattr_NTACL just pull a samba defined security descriptor from the data blob(NT format SECURITY_DESCRIPTOR), and ndr_push_xattr_NTACL push the samba defined security descriptor into the data blob(NT format SECURITY_DESCRIPTOR)? If you process the command NT_TRANSACT_QUERY_SECURITY_DESC, you should first call ndr_pull_xattr_NTACL and then ndr_push_xattr_NTACL.

> -----Original Message-----
> From: Stefan (metze) Metzmacher [mailto:metze at samba.org]
> Sent: Thursday, April 01, 2010 6:59 PM
> To: Ted
> Cc: samba-technical at lists.samba.org
> Subject: Re: How to convert security_descriptor in samba to
> SECURITY_DESCRIPTOR in NT
> 
> Ted schrieb:
> > Hi, all
> >
> > I have read the CIFS Protocol document provided by Microsoft and the
> > samba 3.5.0 source code.
> >
> > The CIFS Protocol document says that
> NT_TRANSACT_QUERY_SECURITY_DESC
> > command allows a client to retrieve the security descriptor for a
> > file. And the security descriptor is returned in the data portion of
> > the transaction response.
> >
> > The code in samba process NT_TRANSACT_QUERY_SECURITY_DESC
> command was
> > just load the data blob in xattr and pull an xattr_NTACL out of the
> > data blob by call ndr_pull_xattr_NTACL. The security_descriptor in
> > xattr_NTACL was different from the definition of SECURITY_DESCRIPTOR
> > in NT. So how does this work? Or does anybody know how to convert the
> > samba security_descriptor to a NT SECURITY_DESCRIPTOR?
> 
> don't we do ndr_pull_xattr_NTACL() followed by a
> ndr_push_security_descriptor()?
> 
> metze
> 


__________________________________________________
¸Ï¿ì×¢²áÑÅ»¢³¬´óÈÝÁ¿Ãâ·ÑÓÊÏä?
http://cn.mail.yahoo.com



More information about the samba-technical mailing list