On Wed, 19 Feb 2003, John E. Malmberg wrote: > Richard Sharpe wrote: > > On Wed, 19 Feb 2003, Ken Cross wrote: > > > >>Yes, it could have significant impact. Is there are problem with the > >>current way it's set (RO == owner "r" mode)? > > That does not match the way it works on an NT server. And there is a > significant difference.
Indeed ... > > In our file system, UNIX permission bits are synthesized from ACLs on the > > file objects :-) > > > > Can you give me an idea of the 'significant impact'? > > > > I am trying to convince our file system guys that we need a separate RO > > attribute to accompany the other attributes (like Hidden, System, etc). > > RO is special. On Windows NT, It has precedence over all other > attributes. Even "Administrator" access can not override RO. > > So for the filesystem to work correctly with SAMBA as PC users would > expect, not only do you need a RO permision, you need logic to make sure > that it overrides all other ACLs that would otherwise grant write access. > > It is probably sufficient to leave that "root" can override readonly, > but nothing else should be able to, or it will not function as PC users > expect. Actually, we squash root as well. The test for RO has to be done before any access permisions are checked. > I am assuming that this is a LINUX filesystem that you are designing? Nope. I am not designing it, but we are doing a file system that supports Windows and UNIX access, along with high-bandwidth IO. Regards ----- Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org, sharpe[at]ethereal.com, http://www.richardsharpe.com
