NT ACL / Security descriptor checking function
David Collier-Brown
davecb at canada.sun.com
Fri Feb 11 13:53:19 GMT 2000
On Fri, 11 Feb 2000, Michael Stockman wrote:
> > I still think the concept of ACLs haven't been covered completely yet,
> > but maybe the basic structure is clear enough to make something to
> > look at (I reserve the right to continue discussion).
>
Luke Kenneth Casson Leighton wrote:
> > :) oh good.
If you live in the States or Canada, you used to be able
to get a copy of the "Grey Book" by writing and asking
for one. Now it apparently costs $3.00... I have a
copy at home...
The grey book explains the security guy's study of
mapping ACLs to unix permission bits. It's wordy
and boring, but they did a very **thorough** job.
Aha! found it on-line:
http://www.fas.org/irp/nsa/rainbow/tg020-a.htm
If you want background information on ACLs, the
Discretinary Access Control in Trusted Systems
book is there too. Same caveats!
--dave (former Multician and, later, Professional Paranoid) c-b
--
David Collier-Brown, | Always do right. This will gratify some people
185 Ellerslie Ave., | and astonish the rest. -- Mark Twain
Willowdale, Ontario | //www.oreilly.com/catalog/samba/author.html
Work: (905) 415-2849 Home: (416) 223-8968 Email: davecb at canada.sun.com
More information about the samba-technical
mailing list