Python tests of Access Control Lists and Privileges

Richard Sharpe realrichardsharpe at
Sun Mar 25 23:12:03 MDT 2012


Here are my thoughts with respect to tests of the Samba ACL handling
and Privileges.

It should consist of:

1. A set of tests, where each test is a Python function or perhaps a
class (not sure of the utility of classes here, hmmm, as classes we
can maintain useful info about each test with some interesting info
and a standard set of methods).

Each test should focus on a specific item, eg: Apply a specific set of
ACEs in an ACL to a file and then try to access the file in ways that
should be allowed and ways that are not allowed.

Privilege tests should test that a user who has privileges get the
access provided by those privileges, even in the presence of DENY
entries etc.

Each test return True for pass, False for fail.

Each test should use normal Python Documentation to document what it
tests and what a failure indicates.

2. A list of those tests.

3. A driver that connects to a server, retrieves version information
etc, and then runs the tests one at a time until they have already
been run. It should then report the statistics, and in particular list
all the tests that fail.

Any other suggestions? Comments.

Richard Sharpe

More information about the samba-technical mailing list