SE_RESTORE_PRIVILEGE, BACKUP_INTENT and W2K08R2
Richard Sharpe
realrichardsharpe at gmail.com
Thu May 23 13:43:09 MDT 2013
On Thu, May 23, 2013 at 12:38 PM, Christian Ambach <ambi at samba.org> wrote:
> Am 23.05.13 20:35, schrieb Richard Sharpe:
>
>> However, I have a capture against Windows where this seems not to be
>> the case. If the requester has SE_RESTORE_PRIVILEGE it seems that
>> Windows will allow them to change the owner on a file to anything they
>> want.
>>
>> Is this what people see as well?
>
> My understanding is that this the "magic" thing about the SeRestore
> Privilege: it allows backup applications to change ownerships of
> restored files. When you do not have this privilege set, you can
> only change the owner of a file to yourself (when the ACL allows
> you to change the owner), but not give ownership to somebody else.
Sure, but I had been under the impression that you could only make use
of SeRestorePrivilege if you opened the file for backup intent.
However, this seems not to be the case.
--
Regards,
Richard Sharpe
(何以解憂?唯有杜康。--曹操)
More information about the samba-technical
mailing list