On Fri, Aug 15, 2008 at 12:41:39AM +0200, Abramo Bagnara wrote: > This is a perfect approach (at least from the samba client point of > view), but does not solve the problem that a file written by a samba > client with FILE_READ_DATA unset and FILE_READ_ATTRIBUTES set is > readable on server machine (locally, via nfs, via ftp or whatever). > > This is IMHO a big problem.
It hasn't been seen as such so far. > Yes, it's a lossy mapping, but what's the reason (or the benefits) to > "round up" it (as samba does now) instead to play safe and to "round > down" it (i.e. the permission set is a subset or the same of what it's > requested). > > I certainly see the security problems of current approach, but perhaps > I'm missing other problems that one of the two safer approaches > described above would put in the game. > > What's your opinion about that? The problem is that a permission set of "---" is currently returned in Samba as a "DENY" ACL. Your plan of mapping an ACE of FILE_READ_ATTRIBUTES to "---" then conflicts with a requested DENY ACE. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
