Hello Volker,
Our product group is investigating this issue closely.
I will provide you an update as soon as we conclude our review. Thank you for
being patient.
Regards,
Sreekanth Nadendla
Microsoft Windows Open Specifications
-----Original Message-----
From: Volker Lendecke [mailto:[email protected]]
Sent: Tuesday, May 22, 2012 4:39 AM
To: Sreekanth Nadendla
Cc: MSSolve Case Email; [email protected]; [email protected]
Subject: Re: 112050346749387 handle based permission checks in SMB1?
Hello!
Have you been able to make any progress on this issue?
Thanks,
Volker Lendecke
On Fri, May 04, 2012 at 02:25:11PM +0000, Sreekanth Nadendla wrote:
> [Adding case mail to cc. Removed dochelp, Incident ID in subject]
>
> Hello Volker,
> I am the engineer who will be working with you on this
> issue. I am currently researching the problem and will provide you with an
> update soon.
>
>
> Regards,
> Sreekanth Nadendla
> Microsoft Windows Open Specifications
>
>
> -----Original Message-----
> From: Mark Miller (MOD)
> Sent: Thursday, May 03, 2012 8:59 AM
> To: [email protected]
> Cc: [email protected]; [email protected]
> Subject: RE: handle based permission checks in SMB1?
>
> Hi Volker,
>
> Thank you for your question. A colleague will contact you to investigate
> this issue.
>
> Regards,
> Mark Miller | Escalation Engineer | Open Specifications Support Team
> One Microsoft Way, 98052, Redmond, WA, USA
> http://support.microsoft.com
>
> -----Original Message-----
> From: Volker Lendecke [mailto:[email protected]]
> Sent: Thursday, May 03, 2012 8:23 AM
> To: Interoperability Documentation Help
> Cc: [email protected]; [email protected]
> Subject: handle based permission checks in SMB1?
>
> Hello, dochelp!
>
> While writing tests for reauth I noticed some behaviour I did not expect. The
> attached trace excercises reauth smb1 behaviour and does some operations on
> an open file handle.
> In frames 17 and 19 you can see that the file descriptor opened with frame 15
> is good for writing and querying the secdesc. Frames 20 to 23 reauth the
> session in question (user id 16385) to anonymous. In frame 25 you can see
> that the file handle is still good for writing. Frame 27 however shows that
> the reauth killed the ability to query the security descriptor.
> Re-authenticating administrator re-establishes the full permissions on the
> file handle, see frame 33. Doing the trans2 setfileinfo call to set the
> delete-on-close flag shows the same behaviour as reading the security
> descriptor does. I can easily provide traces.
>
> My question: How are permission checks for handle-based SMB1 operations
> performed? Write operations seem to only look at bits attached to the handle,
> other operations seem to also take the current user token into account. Which
> SMB1 operations do permission checking in what ways?
>
> Thanks,
>
> Volker Lendecke
>
> --
> SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
> phone: +49-551-370000-0, fax: +49-551-370000-9 AG Göttingen, HRB 2816,
> GF: Dr. Johannes Loxen http://www.sernet.de, mailto:[email protected]
>
>
--
SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: +49-551-370000-0, fax: +49-551-370000-9 AG Göttingen, HRB 2816, GF: Dr.
Johannes Loxen http://www.sernet.de, mailto:[email protected]
_______________________________________________
cifs-protocol mailing list
[email protected]
https://lists.samba.org/mailman/listinfo/cifs-protocol
