Re: SFTP ACLs need inheritance support

[Joseph Galbraith <galb-list%vandyke.com@localhost>]

denis bider wrote:
> I think that's an excellent proposal!
> 
> The backup and restore flags could prove very useful to
> specialized software that performs backup over the network, as
> using these flags is really the only way to backup a file with
> multiple streams.

Hmmm... I was thinking of these as simply enabling the
backup or restore privilege which bypasses access
checks-- which would be highly useful for things like
scanning the volume to see who is using what space--
also, if this turns on reading from the backup stream,
an non-NT backup stream aware application can't use
this feature.

So, I'd suggest that we also have an open flag:

  SSH_FXF_ACCESS_BACKUP_STREAM

  Requests that the server return data to the read request
  as a structured backup stream.  The format of the backup
  stream is system specific, but it should encode all the
  information that must be preserved in order to restore
  the file from a backup medium.  The only well defined
  use for this data is to write it to the same server to
  a file also opened with this flag specified.

  However, if the server OS has a well defined backup
  stream format, it may be that there are other uses
  for this data outside the scope of this protocol.

  When this flag is present, the server expects a backup
  stream in the write requests.

  Data offsets are in the READ and WRITE packets are ignored
  when this flag is specified.

What do you think?

Thanks,

Joseph