Security issue - storing NTACL's in non-NT-security-namespace
hch at infradead.org
Fri Dec 13 03:53:14 MST 2013
On Fri, Dec 13, 2013 at 12:39:40AM -0800, L.A. Walsh wrote:
> Does it have to be under a "namespace" that gets *stripped*
> as soon as the file is copied or "mv'd to another
> samba share (i.e. the partition it was moved to is shared with the
> same permissions as the first one.
Attributes never get "stripped", they simple don't get copied unless
explicit action is taken to do so. Setting trusted attributes up on a
new file will of course rely privilegues, exactly for the reasons
Jeremy pointed out.
More information about the samba-technical