[PATCH] Fix open bug found at Microsoft interop event.
jra at samba.org
Wed Jun 19 17:04:24 MDT 2013
On Wed, Jun 19, 2013 at 03:56:08PM -0700, Ira Cooper wrote:
> Reviewed by: <ira at samba.org>
> On Wed, Jun 19, 2013 at 3:52 PM, Jeremy Allison <jra at samba.org> wrote:
> > Fix interop bug found by MS-torture test suite.
> > ACLs on files can have FILE_DELETE_CHILD set
> > although it has no meaning for files. Ensure
> > we mask this out when checking allowed access
> > against files. The raw.acl torture test shows
> > that FILE_DELETE_CHILD must still be stored in
> > file ACLs if set/requested.
> > The specific test case that found this was an
> > open request with SEC_RIGHTS_FILE_ALL requested,
> > against an underlying ACL implementation that
> > filters out FILE_DELETE_CHILD from returned
> > ACL entries on files (nfsv4 ACLs).
> > Tested and fixes the issue at the interop event.
> > Please review,
FYI. I'm not going to push this until we've done
more investigation. This stuff is subtle, especially
around the raw.acl tests - so I'm going to make sure
I'm confident we're correctly emulating Windows here.
More information about the samba-technical