Permissions incorrectly ordered on Windows after disabling inheritance

[Richard Sharpe]

On Mon, Aug 27, 2012 at 6:49 PM, Jeremy Allison <jra at samba.org> wrote:
> On Mon, Aug 27, 2012 at 04:59:34PM -0700, Richard Sharpe wrote:
>> On Mon, Aug 27, 2012 at 4:29 PM, Walkes, Dan <dwalkes at tandbergdata.com> wrote:
>> > Awesome!  Thanks!
>>
>> Looks like the problem is in lib/secdesc.c:se_create_child_secdesc. It
>> needs to make an ordering pass over the ACL in the SD to ensure that
>> the ACEs  are ordered correctly. At least that is the case in the
>> Samba 3.5.x code, and I don't think there has been much change there
>> in 3.6.x.
>
> Actually, looking more closely at this I think it's a pretty
> simple bug in that I just forgot to set the SEC_ACE_FLAG_INHERITED_ACE
> on inherited ACE's when I create them :-).
>
> Should have a patch to test tomorrow (home now..).

Well, I guess that depends on the semantics of Creator Owner with the
inherited bit set, doesn't it? Does Windows mark the new ACE created
as a result of a Creator Owner ace that has the inherited bit set as
inherited as well?

-- 
Regards,
Richard Sharpe
(何以解憂？唯有杜康。--曹操)