Test for reproducing Security ace object add to descriptor bug
Zahari Zahariev
zahari.zahariev at postpath.com
Thu Apr 2 14:12:56 GMT 2009
Hello Jelmer & Samaba4,
This is a bug that I found when tried to create a custom
nTScurityDescriptor. To do that I created "security.ace" object which I
made "Deny read to Administrator" ACE but when it comes to the "trustee"
property that has to be "security.dom_sid" object something goes wrong
after assignment. The initial ObjectSID value is not the same any more.
Therefore when this ACE is added to the descriptor there is most of the
time "(SID ERR)" instead of the real SID in SDDL representation.
I have prepared a Python unittest that validates the error described above.
Cheers, Zahari
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Security.ace-object-added-to-descriptor-error.patch
Type: text/x-patch
Size: 5627 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20090402/d3435aed/0001-Security.ace-object-added-to-descriptor-error.bin
More information about the samba-technical
mailing list