Message374044
> Since the need to copy file ownership is common, I think there could
> be space for a new copy3() function which copies ownership + extended
> attributes (where possible).
FYI, Windows and POSIX have significantly different concepts about file (object) ownership. In Windows:
* Any type of SID can be set as the owner, such as a user, global
group, local group, well-known group, domain, or logon session. All
of these SID types, except for user SIDs, are commonly set in the
groups of a token. Also, the token user is not limited to just users.
It's commonly set to a well-known group such as SYSTEM, LOCAL
SERVICE, or NETWORK SERVICE.
* The effective access token of a thread is granted owner rights to
an object if the token user or any of the token's enabled groups is
the owner of the object. For example, if an object is owned by the
"BUILTIN\Users" local group, then all access tokens for standard-user
logons will be granted owner rights as long as they have the
"BUILTIN\Users" group enabled, which it is by default.
* If not set explicitly via "OWNER RIGHTS" (i.e. S-1-3-4), the
owner is implicitly granted the READ_CONTROL right to query the
object security and the WRITE_DAC right to modify the object's
resource attributes and discretionary access-control list. As
long as these rights are granted implicitly, they cannot be
denied by deny access-control entries. However, implicit owner
rights may be denied if an object has an implicit (by object
type) or explicit (by label) no-read-up or no-write-up mandatory
policy, and the token's integrity level is less than that of the
object.
* An explicit "OWNER RIGHTS" entry can be set in the discretionary
access control list in order to override the implicit owner rights.
This is not the same as setting owner rights in POSIX, since other
ACL entries may grant or deny rights. Given the canonical priority
of deny access-control entries and also mandatory access control
based on the integrity level of the object vs the token, granting
explicit access to "OWNER RIGHTS" does not necessarily ensure the
owner will even be granted at least the desired access in all
contexts. Also, unlike the implicit case, if an "OWNER RIGHTS"
entry grants READ_CONTROL and/or WRITE_DAC access, either right
may be denied by deny access-control entries. |
|
Date |
User |
Action |
Args |
2020-07-21 01:10:15 | eryksun | set | recipients:
+ eryksun, giampaolo.rodola, christian.heimes, noctiflore |
2020-07-21 01:10:15 | eryksun | set | messageid: <1595293815.85.0.525081790359.issue30044@roundup.psfhosted.org> |
2020-07-21 01:10:15 | eryksun | link | issue30044 messages |
2020-07-21 01:10:15 | eryksun | create | |
|