force mode (Was: RE: more thoughts on Samba permissions manipulat

Branko Cibej branko.cibej at hermes.si
Fri Jun 18 18:31:32 GMT 1999 

> >       We use it to force group write on files which are maniplated
> >       by a PC program:  they're initially group-writable, until
> >       someone edits them with the PC program, which renames them
> >       to <name>.BAK, and creates a new file <name>.<ext> with the
> >       default permissions and ownerships and the changed data.
> >
> >       This destroys the previous ownership and permissions, so
> >       no-one else can edit the files! Therefor we force group write
> >       on all files created in that share.
> >
>         Ah, that makes sense.  Thank you.
>
> >       By the way, the Eunuch programs which manipulate the files
> >       make a copy named <file>.BAK, and then read from it and
> >       write to <file>.<ext> when changing their contents. This
> >       doesn't blow the ownerships and permissions away.
> >
>         *sigh*  indeed...  why can't PC software vendors get these kind of
> things right?  I know they've been dealing with DOS for the past ten years,
> but even so...

Actually, the correct fix for this particular Microsoftish misfeature is to
cache the permissions and ownership of deleted files for a few seconds, and
restore them if the same file is created again while the info in the cache is
still alive.

NT 4.0 does something like that with mangled file names: it caches the
long->short mapping for a short while, so that it can recreate the original long
or short name, and thus keep 16-bit apps that use the weird (stupid, dangerous,
race-condition-producing, not-to-be-borne and probably heathen) save algorithm,
i.e. old versions of Word, from silently killing off the long file names.


Hmmm ... now that I think about it, caching the permissions isn't enough -- you
have to preserve hard links, i.e. the node number, too. Which means you have to
"logically" delete the file: put it in a table of invisible files, perhaps
rename it to, e.g., `.#deleted#<filename>', and delay the unlink. Should be
fairly easy to do in a VFS module, and the nice thing is that if you're allowed
to delete a file, you're also allowed to rename it (don't know about the sticky
bit semantics, though).


(Yes I've been doing this sort of thing for years now in a versionable file
system, for exactly the same reasons ... our customers seem to expect the Office
tools to work, gods only know why :-)


    Brane

--
Branko Čibej                 <branko.cibej at hermes.si>
HERMES SoftLab, Litijska 51, 1000 Ljubljana, Slovenia
voice: (+386 61) 186 53 49   fax: (+386 61) 186 52 70

More information about the samba-technical mailing list