107 – Cannot clear all bits for ACL entries for OTHER or GROUP_OBJ

Bug 107 - Cannot clear all bits for ACL entries for OTHER or GROUP_OBJ

Summary: Cannot clear all bits for ACL entries for OTHER or GROUP_OBJ

Status:	RESOLVED DUPLICATE of bug 106

Alias:	None

Product:	Samba 3.0
Classification:	Unclassified
Component:	File Services (show other bugs)
Version:	3.0.0preX
Hardware:	Other other

Importance:	P2 normal
Target Milestone:	none
Assignee:	Gerald (Jerry) Carter (dead mail address)
QA Contact:

URL:
Keywords:

Depends on:
Blocks:

Reported:	2003-05-22 06:50 UTC by Ken Cross
Modified:	2005-02-07 07:57 UTC (History)
CC List:	0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Ken Cross 2003-05-22 06:50:44 UTC

POSIX ACLs require the 3 standard ACEs: USER_OBJ, GROUP_OBJ, and OTHER.  But 
if you clear all the ALLOW and DENY bits in the Security tab for a file, 
Windows doesn't send them at all.

Currently, the ensure_canon_entry_valid routine in posix_acls.c makes sure all 
3 are valid.  If they don't exist, it reads the existing ACE and uses it.

That makes it impossible to, for example, clear all the bits for "Everyone" 
(aka, OTHER).  If you clear them all, Windows doesn't send any OTHER ACE and 
ensure_canon_entry_valid replaces it with whatever was there before; hence 
it's not changed.

There could be a number of ways to resolve this, but the way it is now doesn't 
seem right.

Comment 1 Ken Cross 2003-05-22 06:53:01 UTC

Duplicate of #106  (Enter key bounced -- sorry.)

Comment 2 Gerald (Jerry) Carter (dead mail address) 2003-05-22 14:02:25 UTC


*** This bug has been marked as a duplicate of 106 ***

Comment 3 Gerald (Jerry) Carter (dead mail address) 2005-02-07 07:57:12 UTC

originally reported against 3.0aph24.  Bugzilla spring cleaning.  
Removing old alpha versions.