[Samba] Inheritable Permissions Issue
farhan.sarwar at gmail.com
Thu Apr 10 21:45:21 GMT 2008
Did you get to the root of the problem ?
David Eisner-2 wrote:
> On Thu, Feb 28, 2008 at 6:51 PM, David Eisner <deisner at gmail.com> wrote:
>> Permissions tab of the Advanced Security Settings dialog, whenever I
>> uncheck the "Allow inheritable permissions from the parent to
>> propagate to this object and all child objects" checkbox, and hit
>> Apply, the checkbox always returns to the checked state immediately.
>> It is never possible to get it into an unchecked state. Is this the
>> expected behavior?
> Just an update. I've been peering through the code trying to debug
> this problem. Here's what I've learned so far:
> 1. The value represented by the "inheritable permissions" checkbox is
> stored in the security descriptor's SE_DACL_PROTECTED control flag.
>  In the Samba code, these flags are stored in the SEC_DESC
> struct's "type" member.
> 2. set_nt_acl() (in smbd/posix_acls.c) is responsible for handling the
> request to set the security descriptor on the file. Among other
> things, it calls append_parent_acl(). This function is clobbering the
> SE_DESC_DACL_PROTECTED bit in psd->type. It has the correct value
> before the call, but it winds up getting cleared.
> 3. I see this comment inside append_parent_acl():
> * Note that we're ignoring "inherit permissions" here
> * as that really only applies to newly created files. JRA.
> Is this a bug?
> I'll take a look at what's in git and do some more research.
>  http://tinyurl.com/2pt7nh
> David Eisner http://cradle.brokenglass.com
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/listinfo/samba
View this message in context: http://www.nabble.com/Inheritable-Permissions-Issue-tp15748956p16618682.html
Sent from the Samba - General mailing list archive at Nabble.com.
More information about the samba