acl_xattr storage format (Re: Moving forward towards releasing Samba 4.0)

steve steve at
Mon May 21 07:18:32 MDT 2012

On 05/21/2012 09:23 AM, Andrew Bartlett wrote:
> On Mon, 2012-05-21 at 09:00 +0200, Stefan (metze) Metzmacher wrote:
> I'm particularly concerned that any change in our POSIX ACL -> NT ACL 
> mapping (to fix a bug in the mapping, such as might be required for 
> #8938 if confirmed)
8938 has been confirmed by independent users. I added that something as 
seemingly simple as:

chmod g+s

was not understood by s3fs. Having all files owned by "Domain Users" 
(DU) on a g+s share to a group other than DU doesn't look good from a 
security pov.

Would it be possible to check the underlying permissions, sticky bits 
and ownership on a folder before writing to it?

We still have the test lan in place. Please tell us what you'd like us 
to do to get over this.

More information about the samba-technical mailing list