A NetApp test, aclfunc.exe seems to think that DACLs with unneeded zeros should not be resized

Richard Sharpe realrichardsharpe at gmail.com
Wed Apr 4 08:04:45 MDT 2012

On Wed, Apr 4, 2012 at 12:53 AM, Volker Lendecke
<Volker.Lendecke at sernet.de> wrote:
> On Tue, Apr 03, 2012 at 03:10:29PM -0700, Richard Sharpe wrote:
>> On 4/3/12, ronnie sahlberg <ronniesahlberg at gmail.com> wrote:
>> > Richard
>> >
>> >
>> > There are applications in the enterprise space that abuses the ACL and
>> > stores binary data inside an ACE.
>> Well, it struck me that people might be hiding stuff in the DACL.
>> Note, however, that in this case the NetApp tool is not abusing ACEs,
>> but rather they are abusing the DACL. The DACL correctly states that
>> there are 5 ACEs in it, and each are the correct size (20, 36, 20, 24,
>> 24 bytes respectively) howevr, the DACL is stated to contain 1000
>> bytes, with the remainder being zeros.
> With the loss of alternate data streams this might become
> much more popular in the future. George Colley probably
> knows about this already :-)

Hmmm, who is George Colley?

BTW, Microsoft have contacted as a result of my email on DocHelp and
have asked for my capture showing that W2K3 does preserve the size and
contents of the DACL.

Richard Sharpe

More information about the samba-technical mailing list