[Samba] NFSv4 acls inheritance flags
samba at tlinx.org
Sun May 11 16:55:46 MDT 2014
Theodore Tso wrote:
> One of the big problems is that the Solaris interface for ADS, back
> when people foolishly thought that it made sense to compete misfeature
> for misfeature with every one of Microsoft's Bad Ideas, is that
> their alternate data streams were first class files and directories.
> You could fchdirat() into the root of the alternate data stream, and
> then create an entire directory hierarchy of files that could be
> marked executable. So you could in theory put an entire chroot
> inside a Solaris Alternate Data Stream.
Sounds like a Solaris specific feature.
> You could argue that the answer is to make the ADS less fully
> functional, and castrate its functionality
Executables are not normally considered 'data' any more than ACLs or
Solaris put the ability to execute data in ADSs as executables in
their OS. One would assume they have specific controls in place to
manage that, I don't know, but no one is talking
Windows AND Linux have *extended file attributes*, (data) that can be
called "ADSs", "ACLs" or whatever else you want to label them. It's not
till something "interprets" them that they have any meaning beyond "raw
data". MS's ADSs in current Win versions, as well as ext-attrs in current
Linux implementations, are just 'data' that is usable to provide meta
information about the files they are attached to, for files that were
dreamt of having meta information (music formats, movies, even encrypted
pdf's are all having meta-info streams in ext-attrs, or ADSs).
Solaris made their ADSs executable.. that's nice. I don't suggest
> --- but if you're going to do that, it's worth asking the question
> whether it deserves to exist at all.
Not suggesting anyone implement Solaris ADS streams. Specifically, we are
talking DATA-containing extended attributes that could be used by samba
to support the same types of meta data that Windows and Linux (with xfs,
et al.) already support.
> So after you upgrade all of the network and local disk file systems to
> support ADS, so applications can use them without breaking capability
> (and this includes all of the bookshelf file servers serving NFS some
> of which are still on 2.6 kernels thanks to binary firmware blobs),
> and after you upgrade all of the tripwire and rootkit detection
> programs, and after you upgrade zip, rar, tar, etc, to support
> alternate data streams ---- what's the benefit?
It's the exact same benefit as supporting ACLs and file-based
capabilities. Since those are already implemented on several file
systems, any utils that don't handle those are already in bigger trouble
than whether or not they handle artist names on a music collection, and 1
or more filesystems implement them by storing them in "ADSs" (extended
That's why I started off my reply by saying that "ignoring this issue"
would be "burying one's head in the sand."
> We've lived without alternate data streams for a long time,
Who is "we"? They've been on Linux since 2001 or earlier. Same with
Windows and Macintosh.
> and programs like Libreoffice have developed alternate solutions to
> the problem.
They store all the ACLs and file-based capabilities in place of using
And you would describe this as "secure"?
> So is it really worth the effort?
Many system utils already handle them. Some applications never will.
Take your pick.
GNU 'cp' already handles them. schilly's version of 'tar' has handled
them for ~10 years (when it's working...;-)). But why programs like
apache would have to change requires a bit more
> Microsoft probably developed ADS more as a Halloween document strategy
> to screw over open source systems by making them think they had to
> follow them (badly) with every single bad idea.
Didn't Apple have them first in HFS?... I don't remember the chronology
usage seems more mature and widespread.
> Given that Microsoft has become more and more irrelevant, I think it
> will be very, VERY hard to convince the entire open source ecosystem
> that it's worth the effort to develop ADS for Linux, *BSD, GNOME,
> Libreoffice, Apache, etc.
Given that mobile computing is making desktop computing more irrelevant,
and that the current king of mobile computing is Apple and they *do*
implement ADSs, the implication of the above premise is doubtful.
At least Linux already has ADSs -- though maybe not in some "unlimited
form" that other vendors have, 64k is more than enough to implement any
malware springboard that you would need, if you insist on using Solaris's
model -- but no one is asking for that.
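Two points in the exchange above are worth seeing in running code: Ted's remark that tripwire and rootkit detectors would have to learn about alternate data streams before ADS support is safe, and the reply's point that Linux extended attributes are already "just data" that can hold anything up to the filesystem's size limit. The script below is an added example written for this page; it is not code from Samba, from either poster, or from tripwire. It walks a directory tree, records every extended attribute it can read (name, size, SHA-256) so a baseline can be diffed later the way file-integrity tools diff file hashes, and flags values that look like more than metadata: an ELF header, a shebang, or a blob larger than a configurable threshold. The magic-number heuristics, the 4096-byte threshold, the file names and the sample attribute values are all assumptions constructed for the demo. It assumes Linux and a filesystem that permits `user.*` xattrs (ext4, xfs, btrfs); where that is not the case the demo reports that rather than failing.

```python
"""Inventory user-visible extended attributes on a tree and flag payloads that
look like code rather than 'meta information'.

Added example for this thread; not code from Samba, the poster, or tripwire.
Assumes Linux with a filesystem that stores user.* xattrs (ext4/xfs/btrfs).
"""
import errno
import hashlib
import os
import tempfile

# Heuristic prefixes (assumption for this demo): an ELF header or a shebang in
# an xattr value suggests the attribute carries an executable, not a tag.
ELF_MAGIC = b"\x7fELF"
SHEBANG = b"#!"
SIZE_THRESHOLD = 4096  # bytes; a 'comment' larger than this deserves a look

# Linux reports "filesystem does not support xattrs" as ENOTSUP/EOPNOTSUPP.
_UNSUPPORTED = {errno.ENOTSUP, getattr(errno, "EOPNOTSUPP", errno.ENOTSUP)}


def classify_blob(data, size_threshold=SIZE_THRESHOLD):
    """Return the list of reasons an xattr value is suspicious ([] = benign)."""
    reasons = []
    if data.startswith(ELF_MAGIC):
        reasons.append("elf-header")
    elif data.startswith(SHEBANG):
        reasons.append("shebang")
    if len(data) > size_threshold:
        reasons.append("large:%d" % len(data))
    return reasons


def read_xattrs(path):
    """Return {name: value} for every xattr readable on path; {} if the
    filesystem has no xattr support or the entry vanished mid-walk."""
    try:
        names = os.listxattr(path, follow_symlinks=False)
    except OSError as e:
        if e.errno in _UNSUPPORTED or e.errno == errno.ENOENT:
            return {}
        raise
    values = {}
    for name in names:
        try:
            values[name] = os.getxattr(path, name, follow_symlinks=False)
        except OSError as e:
            # Attribute removed between list and get, or not readable by us.
            if e.errno not in (errno.ENODATA, errno.EACCES, errno.EPERM):
                raise
    return values


def scan_tree(root, size_threshold=SIZE_THRESHOLD):
    """Walk root and return [(path, xattr_name, size, sha256_hex, reasons)].

    Every attribute is recorded (for baselining); 'reasons' is non-empty only
    for values classify_blob() considers suspicious."""
    records = []
    for dirpath, _dirnames, filenames in os.walk(root):
        entries = [dirpath] + [os.path.join(dirpath, f) for f in filenames]
        for entry in entries:
            for name, value in sorted(read_xattrs(entry).items()):
                records.append((entry, name, len(value),
                                hashlib.sha256(value).hexdigest(),
                                classify_blob(value, size_threshold)))
    return records


def demo():
    """Constructed sample: one file tagged with a benign artist name, one whose
    'comment' begins with an ELF header. Returns the flagged records as
    (basename, xattr_name, size, reasons), or None when this OS has no xattr
    API or the temp filesystem refuses user.* attributes."""
    if not hasattr(os, "setxattr"):
        return None
    with tempfile.TemporaryDirectory() as root:
        benign = os.path.join(root, "song.flac")   # constructed sample file
        shady = os.path.join(root, "notes.txt")    # constructed sample file
        for path in (benign, shady):
            with open(path, "wb") as fh:
                fh.write(b"placeholder file body\n")
        try:
            os.setxattr(benign, "user.artist", b"constructed sample artist")
            # 68-byte blob: ELF magic plus padding, standing in for a payload.
            os.setxattr(shady, "user.comment",
                        ELF_MAGIC + b"\x02\x01\x01" + b"\0" * 61)
        except OSError as e:
            if e.errno in _UNSUPPORTED:
                return None
            raise
        flagged = [r for r in scan_tree(root) if r[4]]
        return [(os.path.basename(p), name, size, reasons)
                for p, name, size, _digest, reasons in flagged]


if __name__ == "__main__":
    result = demo()
    if result is None:
        print("user.* xattrs are not available on this system; nothing to show")
    else:
        for record in result:
            print(record)
```

Run it as-is to see the constructed case; point `scan_tree()` at a real tree (as a user who can read the files) to build an inventory, and keep the `(path, name, sha256)` triples as the baseline to diff on the next run. Note that `listxattr` only shows the `trusted.*` namespace to a process with CAP_SYS_ADMIN, so an inventory taken as an unprivileged user is incomplete by design, which is exactly the blind spot the thread is arguing about.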