Re: [Pan-users] Re: Save attachment file permissions

[Steven D'Aprano]

Duncan wrote:

> But, your mention of SAMBA jarred my thinking.  If I'm not mistaken (and 
> maybe I am as I've never used SAMBA), Windows won't see Unix file 
> permissions no matter what serves up the file.  It's just not designed to 
> work that way.

Windows doesn't understand Unix/Linux file systems, so it can't see Unix 
permissions natively. However, Windows does support NTFS, which uses an 
extraordinarily rich set of Access Control Lists capable of emulating 
anything Unix permissions can do, and far, far more. Most people don't 
use anywhere near the full set of ACLs, probably because they're quite 
complicated and they're a lot of them:

http://www.windowsecurity.com/articles/Understanding-Windows-NTFS-Permissions.html

On the other hand, FAT-xx file systems don't have any security 
permissions at all.

And on the gripping hand, some Linux file systems (ext2, ext3, and 
others) have "extended attributes" which go beyond the POSIX standard. I 
don't know if samba uses them to correspond to NTFS ACLs, but I 
understand the SELinux uses them extensively.

http://www.linux.com/feature/114027
http://wiki.linuxquestions.org/wiki/Extended_attributes


> Let me ask you this.  Using Explorer to browse the SAMBA 
> shares, do the files show up with the appropriate permissions?  Are they 
> actually honored?  

Yes, samba emulates the Linux permissions into NTFS ACLs. It's not a 
perfect match, but quite close.


> (The best way I can think of to test that with the exe
> bit would be to take a Windows executable and make a second copy, 
> different name, in the same directory.  Then set the executable bit on 
> one, and clear it on the other.  Now in Windows, will Windows execute 
> just the one with the executable bit, both, or neither, or is it totally 
> contrary and will only execute the one /without/ the executable bit?)  
> I'd suppose not.

Windows NT and better does have an executable ACL, although it's rarely 
used. As far as I know, unless you do magic samba stuff to be compatible 
with Active Directory, the Linux execute permission won't make any 
difference at all to Windows.


> If the above is correct and Windows doesn't see (or sees, but ignores) 
> the permissions, then you could permission bitflip all day and it 
> wouldn't make a bit of difference to Gravity, because it's using the 
> standard Windows API to access the files, so couldn't know anything more 
> about them than the standard Windows API shows it.

That's what I would expect.

...
> Do normal MS programs still store their data files in the program files 
> dir (assuming the registry isn't enough for them), or do they store them 
> elsewhere, and if so, where?

Depends on whether you are talking about Windows ME (Windows 98 with a 
face list and a lobotomy), NT, 2000, XP, Vista or Windows 7.

The following is based on my recollections of 98, 2000 and XP. I may be 
conflating bits of each together, so don't treat this as anything more 
than a rough sketch. I have never used Vista or Windows 7.

Generally, programs are supposed to store any data too big for the 
registry in a known location. That location varies according to the 
version of Windows. You are supposed to use a Windows API that looks up 
the name of the directory from the registry, because it will be 
localised for the current language.

For some English-language versions of Windows, the app is supposed to 
store data in:

C:\\Documents and Settings\<username>\Application Data\<appname>\

but depending on the Windows version, not only the names of the 
directories changes, but even where they are relative to other standard 
locations, e.g. My Documents:

C:\\Documents and Settings\<username>\My Documents\


> Yes, Gravity appears to still be using the 
> W98 paradigm, but is that still MS "best practice" in that regard, or has 
> MS changed and Gravity stood still?  Does MS normally require admin 
> permissions to write to the system Program Files dir and individual 
> program subdirs?  

That's probably of academic interest only, given that most Windows users 
run with full admin privileges all the time.



--
Steven