On Tue, Jul 16, 2002 at 04:30:06AM +0930, Richard Sharpe wrote: > On Mon, 15 Jul 2002, Joerg Schilling wrote: > > [Added Samba-technical so that this discussion can be recorded]
Please speak slowly and clearly into the microphone. > > >The SEC_DESC contains the Owner SID and the Primary Group SID of the Owner > > >of the file, along with the ACL, which can contain both positive ACEs > > >(allow) and negative ACEs (deny) as well as AUDIT and something else ACEs. > > > > Mmm, Audit entries on Solaris are kept in the shadow passwd file. > > I think audit entries are similar to positive or negative ACEs, and simply > mean that if the specified user/group requested the specified access, > write a system log entry. Yes. There's an ACE type called SEC_ACE_TYPE_SYSTEM_AUDIT which does what you describe. Samba doesn't really support them but you could get a pretty good idea of how they work and what they do by playing around with a couple of NT/Win2k systems and ethereal. > > Having denial ACLs makes it a bit more complex, but if at least the basic > > idea is the same as with POSIX, then it would be possible to add just two > > additional ACL descriptors to the TAR header: > > > > - Denial default entries (descending information starting from dirs) > > > > - Denial access entries > > > > These could just look (besides the label) the same as the existing entries. > > That is a neat idea. That would make it work. We would want to record > user/group names as DOMAIN\name as well, and UID/GID does not necessarily > make sense. Storing a sid and rid would perhaps be a better way to do it as you may not be able to resolve the username or domain due to network problems or that the sid is a foreign sid from a non-trusted domain. Tim.
