NT ACL / Security descriptor checking function
Elrond
Elrond at Wunder-Nett.org
Sat Feb 12 15:14:34 GMT 2000
On Sat, Feb 12, 2000 at 09:22:53PM +1100, Michael Stockman wrote:
[...]
> > jeemy has done a perfectly good job of coming up with heuristics to
> turn
> > VMS security descriptors into a unix file permissions. from what i
> > understand, the rules are simple: throw away any bits you can't use.
> > they're only going to be useful to us (the remaining bits)
> +_anyway_.
>
> Would that be the NT bits that the file system doesn't support?
> Suppose that the file system has bits NT doesn't support, that aren't
> ever sent to NT, and that the NT user wouldn't have changed if he had
> know about them? There could be reason to apply "diffs" to ACLs rather
> than straight sets.
Many Unix-filesystems have special bits, that are not
easily mapped to NT-ACLs. The sticky and setgid/setuid-bits
come to mind.
And the ext2-fs of Linux has some special bits too. "s" for
example means, that the contents of the file get's zeroed,
when it is being deleted.
(Since these are special to that filesystem, you can't
modify these bits incidentally with chmod.)
Just some thoughts.
Elrond
More information about the samba-technical
mailing list