What is Windows is using to determine that it needs to do the "executability" test? There is no executable bit in Windows. There is the ACL entry, but nothing at the DOS level. That is, unless they are testing the file extension.
What Windows would need is a marker that enables a file for execution, and a network request from the client which notifies the server that the file is being read for execution. Windows could compare the two, and deny the read if the file is not enabled. In any case, it has to trust the client not to read the file for non-execution, and then execute it. Since Windows is also the client, such a trustworthiness can be relied upon. I would not be surprised to learn that Samba does not do the "executable" test on files being read, since there is no reasonable place to store a Windows execution flag. (Perhaps this can be added as an extended attribute setting.) If Windows is testing the file extension instead, then Samba should be extended to do the same thing. -----Original Message----- From: Jim McDonough [mailto:[EMAIL PROTECTED] Sent: Tuesday, April 01, 2003 12:03 PM To: John H Terpstra Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED]; Nick Drouet Subject: Re: Users able to execute windows .exe though execute bit not set >Perhaps you can explain how you would achieve your goals if the server was >running Windows 2000 Server. If you can demonstrate a pure Windows >solution maybe we could match that with Samba. John, I've checked it out and this is a real difference between Samba and NT or 2k. NT/2k both check the X permission, and we don't, because we rely on open(), and you can't request X access on open()... ---------------------------- Jim McDonough IBM Linux Technology Center Samba Team 6 Minuteman Drive Scarborough, ME 04074 USA [EMAIL PROTECTED] [EMAIL PROTECTED] Phone: (207) 885-5565 IBM tie-line: 776-9984
