Hello! Have you been able to make any progress on this issue?
Thanks, Volker Lendecke On Fri, May 04, 2012 at 02:25:11PM +0000, Sreekanth Nadendla wrote: > [Adding case mail to cc. Removed dochelp, Incident ID in subject] > > Hello Volker, > I am the engineer who will be working with you on this > issue. I am currently researching the problem and will provide you with an > update soon. > > > Regards, > Sreekanth Nadendla > Microsoft Windows Open Specifications > > > -----Original Message----- > From: Mark Miller (MOD) > Sent: Thursday, May 03, 2012 8:59 AM > To: [email protected] > Cc: [email protected]; [email protected] > Subject: RE: handle based permission checks in SMB1? > > Hi Volker, > > Thank you for your question. A colleague will contact you to investigate > this issue. > > Regards, > Mark Miller | Escalation Engineer | Open Specifications Support Team One > Microsoft Way, 98052, Redmond, WA, USA http://support.microsoft.com > > -----Original Message----- > From: Volker Lendecke [mailto:[email protected]] > Sent: Thursday, May 03, 2012 8:23 AM > To: Interoperability Documentation Help > Cc: [email protected]; [email protected] > Subject: handle based permission checks in SMB1? > > Hello, dochelp! > > While writing tests for reauth I noticed some behaviour I did not expect. The > attached trace excercises reauth smb1 behaviour and does some operations on > an open file handle. > In frames 17 and 19 you can see that the file descriptor opened with frame 15 > is good for writing and querying the secdesc. Frames 20 to 23 reauth the > session in question (user id 16385) to anonymous. In frame 25 you can see > that the file handle is still good for writing. Frame 27 however shows that > the reauth killed the ability to query the security descriptor. > Re-authenticating administrator re-establishes the full permissions on the > file handle, see frame 33. Doing the trans2 setfileinfo call to set the > delete-on-close flag shows the same behaviour as reading the security > descriptor does. I can easily provide traces. > > My question: How are permission checks for handle-based SMB1 operations > performed? Write operations seem to only look at bits attached to the handle, > other operations seem to also take the current user token into account. Which > SMB1 operations do permission checking in what ways? > > Thanks, > > Volker Lendecke > > -- > SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen > phone: +49-551-370000-0, fax: +49-551-370000-9 AG Göttingen, HRB 2816, GF: > Dr. Johannes Loxen http://www.sernet.de, mailto:[email protected] > > -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-370000-0, fax: +49-551-370000-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:[email protected] _______________________________________________ cifs-protocol mailing list [email protected] https://lists.samba.org/mailman/listinfo/cifs-protocol
