execute permissions in ACE not handled properly
hlewis at panasas.com
Fri Nov 16 10:33:06 MST 2012
Running Samba 3.6.6 we copy cmd.exe from a windows box to the samba server
as administrator. Add an ACE for a user that grants all but execute
Remove all other ACEs. Map share as the user and double click the file from
explorer to try and execute it. This fails against a windows server
succeeds against samba. An attempt is made to open the file with desired
permissions that include execute and windows returns access denied but
samba allows the open.
Samba calls se_access_check with with access_desired of
which returns an accessgranted that does not include the execute bit (0x20)
but I don't see any where that this is then checked against the original
access to then deny access.
More information about the samba-technical