Hi Slow, I have completed my research on this issue regarding querying the SD of an alternate data stream. I have confirmed that the document incorrectly suggests that querying the SD of an alternate data stream must fail with STATUS_INVALID_PARAMETER. In Windows, it actually succeeds by treating the request as a SD request on the main stream. I confirmed this with a similar test to the one that you conducted by directly querying the SD. I also opened an alternate data stream for editing and the SD check also succeeds.
I have submitted a request to have this sentence removed from MS-FSA 2.1.5.14 and 2.1.5.17. Please let me know if you have any additional questions. If I don't hear back from you by Friday, I'll assume you don't have additional concerns and I'll move forward with closing the case. Thanks again for raising this issue and helping us improve the accuracy of MS-FSA. Have a great week! Regards, Kristian Smith Support Escalation Engineer | Microsoft® Corporation Office phone: +1 425-421-4442 Email: kristian.sm...@microsoft.com -----Original Message----- From: Kristian Smith Sent: Thursday, August 15, 2024 9:31 AM To: Ralph Boehme <s...@samba.org> Cc: cifs-protocol@lists.samba.org Subject: RE: [EXTERNAL] Querying SD of a stream - TrackingID#2408130040006466 Hi Slow, I was able to successfully repro the issue you're seeing. Based on the fact that alternate data streams do not have their own Security Descriptors, this is probably intentional; hence the document would be incorrect. I'm currently researching the code to determine any necessary documentation changes. I'll update you when I know what these changes are. Thanks for bringing this to our attention. Regards, Kristian Smith Support Escalation Engineer | Microsoft® Corporation Office phone: +1 425-421-4442 Email: kristian.sm...@microsoft.com -----Original Message----- From: Kristian Smith Sent: Tuesday, August 13, 2024 8:22 AM To: Ralph Boehme <s...@samba.org> Cc: cifs-protocol@lists.samba.org Subject: RE: [EXTERNAL] Querying SD of a stream - TrackingID#2408130040006466 [DocHelp to Bcc] Hi Slow, Thanks for your request. The case number 2408130040006466 has been created for this inquiry. One of our team members will follow up with you soon. Regards, Kristian Smith Support Escalation Engineer | Microsoft® Corporation Office phone: +1 425-421-4442 Email: kristian.sm...@microsoft.com -----Original Message----- From: Ralph Boehme <s...@samba.org> Sent: Tuesday, August 13, 2024 2:37 AM To: Interoperability Documentation Help <doch...@microsoft.com> Cc: cifs-protocol@lists.samba.org Subject: [EXTERNAL] Querying SD of a stream Hello dochelp, according to MS-FSA 2.1.5.14 "Server Requests a Query of Security Information" when querying the SD of a stream the request should be failed: * If Open.Stream.StreamType is DataStream and Open.Stream.Name is not empty, the operation MUST be failed with STATUS_INVALID_PARAMETER; security information can be may only be queried on a file or directory handle, not on a stream handle. But if I query an SD of a stream via SMB3 against a Windows server (Windows Server 2022) I get back the current SD of open.file, network trace attached. MS-FSA 2.1.5.17 "Server Requests Setting of Security Information" has the same clause and setting an SD also works. Is this a doc or product bug? Or am I missing something? Can you please check and clarify? Thanks! -slow _______________________________________________ cifs-protocol mailing list cifs-protocol@lists.samba.org https://lists.samba.org/mailman/listinfo/cifs-protocol
