A NetApp test, aclfunc.exe seems to think that DACLs with unneeded zeros should not be resized
realrichardsharpe at gmail.com
Wed Apr 4 08:04:45 MDT 2012
On Wed, Apr 4, 2012 at 12:53 AM, Volker Lendecke
<Volker.Lendecke at sernet.de> wrote:
> On Tue, Apr 03, 2012 at 03:10:29PM -0700, Richard Sharpe wrote:
>> On 4/3/12, ronnie sahlberg <ronniesahlberg at gmail.com> wrote:
>> > Richard
>> > There are applications in the enterprise space that abuses the ACL and
>> > stores binary data inside an ACE.
>> Well, it struck me that people might be hiding stuff in the DACL.
>> Note, however, that in this case the NetApp tool is not abusing ACEs,
>> but rather they are abusing the DACL. The DACL correctly states that
>> there are 5 ACEs in it, and each are the correct size (20, 36, 20, 24,
>> 24 bytes respectively) howevr, the DACL is stated to contain 1000
>> bytes, with the remainder being zeros.
> With the loss of alternate data streams this might become
> much more popular in the future. George Colley probably
> knows about this already :-)
Hmmm, who is George Colley?
BTW, Microsoft have contacted as a result of my email on DocHelp and
have asked for my capture showing that W2K3 does preserve the size and
contents of the DACL.
More information about the samba-technical