Is there any requirement when handling an NT_TRANSACT_SET_SECURITY_DESCRIPTOR to store the DACL exactly as presented on the wire?
realrichardsharpe at gmail.com
Tue Apr 3 15:50:51 MDT 2012
NetApp authored a test called aclfunc.exe that has an ACL Resize Test.
This test creates a directory, then retrieves the DACL on the
directory, pads the DACL up to approximately 1000 bytes with zeros,
and stores it back on the directory with an
It then retrieves the DACL again and expects to see the exact same
size DACL, possibly even with the extraneous zeros.
Samba stores the DACL in the least space possible by removing the zero
padding which the ACL Resize Test claims constitutes a failure of the
Is there any requirement anywhere that the zero padding the test
supplies must be stored?
If needed I can supply a capture of the behavior of the test to show
you what it does.
(I note that W2K3 passes the test, so it does seem to store the DACL
More information about the samba-technical