'Re: [cifs-protocol] 114082111720309 Filtering SECURITY_INFORMATION flags for SMB* access'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       cifs-protocol
Subject:    Re: [cifs-protocol] 114082111720309 Filtering SECURITY_INFORMATION flags for SMB* access
From:       Tarun Chopra <Tarun.Chopra () microsoft ! com>
Date:       2014-08-21 0:40:51
Message-ID: D866A9B6-508C-4BB5-AB3C-D672048DD386 () microsoft ! com
[Download RAW message or body]

Metze - I'm researching this for you and will get back with an update.

Sent from my iPhone

> On Aug 20, 2014, at 2:33 PM, "Sreekanth Nadendla" <srenaden@microsoft.com> wrote:
> 
> Casemail in Cc
> Dochelp in Bcc
> 
> Hello Stefan Metzmacher,
> Thank you for your inquiry about File sharing protocols. We have created incident \
> 114082111720309 to track the investigation for this issue. One of the Open \
> specifications team member will contact you shortly. 
> 
> Regards,
> Sreekanth Nadendla
> Microsoft Windows Open Specifications
> 
> 
> 
> -----Original Message-----
> From: Stefan (metze) Metzmacher [mailto:metze@samba.org]
> Sent: Wednesday, August 20, 2014 5:54 PM
> To: Interoperability Documentation Help
> Cc: cifs-protocol@samba.org
> Subject: Filtering SECURITY_INFORMATION flags for SMB* access
> 
> Hi,
> 
> both [MS-SMB2] 3.3.5.20.3 Handling SMB2_0_INFO_SECURITY and 3.3.5.21.3 Handling \
> SMB2_0_INFO_SECURITY indicate that the client given SECURITY_INFORMATION flags \
> should be filtered before passing them to the [MS-FSA] layer. 
> Only the following should be passed:
> OWNER_SECURITY_INFORMATION
> GROUP_SECURITY_INFORMATION
> DACL_SECURITY_INFORMATION
> SACL_SECURITY_INFORMATION
> LABEL_SECURITY_INFORMATION
> ATTRIBUTE_SECURITY_INFORMATION
> SCOPE_SECURITY_INFORMATION
> BACKUP_SECURITY_INFORMATION
> 
> I'm wondering why [MS-SMB] 2.2.7.3 NT_TRANSACT_SET_SECURITY_DESC
> (0x0003) Extensions
> and 2.2.7.4 NT_TRANSACT_QUERY_SECURITY_DESC (0x0006) Extensions.
> specify only:
> 
> OWNER_SECURITY_INFORMATION
> GROUP_SECURITY_INFORMATION
> DACL_SECURITY_INFORMATION
> SACL_SECURITY_INFORMATION
> LABEL_SECURITY_INFORMATION
> 
> [MS-CIFS] 3.3.5.59.3 Receiving an NT_TRANSACT_SET_SECURITY_DESC Request and \
> 3.3.5.59.5 Receiving an NT_TRANSACT_QUERY_SECURITY_DESC Request doesn't say \
> anything about filtering out some flags. 
> I guess [MS-SMB] and [MS-CIFS] are incomplete and the behavior matches [MS-SMB2], \
> can you confirm that? 
> Thanks!
> metze
> 
_______________________________________________
cifs-protocol mailing list
cifs-protocol@samba.org
https://lists.samba.org/mailman/listinfo/cifs-protocol

[prev in list] [next in list] [prev in thread] [next in thread] 