mirror of
https://github.com/samba-team/samba.git
synced 2024-12-23 17:34:34 +03:00
6a07d2fe44
For SDDL Resource ACE conversions we don't want to check too much claim validity so that a semi-invalid ACE can round-trip through deserialisation and serialisation. This is because Windows allows it, but also because if the check puts the values in a sorted order that makes the round-trip less round (that is, the return string is semantically the same but possibly different in byte order). The validity we're talking about is mostly uniqueness. For example `S:(RA;;;;;WD;("foo",TU,0,7,5,7))` has two 7s, and that would be invalid as a claim, but this is not checked while in ACE form. On the other hand `S:(RA;;;;;WD;("foo",TU,0,3,2))` is valid, but the return string will have 3 and 2 reversed when the check is made. We prefer the ACE to stay the same while it is just being an ACE. Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> |
||
---|---|---|
.. | ||
auth | ||
cldap | ||
dns | ||
drsuapi | ||
echo | ||
http | ||
ldap | ||
lsarpc | ||
named_pipe_auth | ||
nbt | ||
netlogon | ||
registry | ||
samsync | ||
security | ||
smb | ||
smbreadline | ||
tstream_binding_handle | ||
util | ||
wsp |