I have just looked at the documentation on locking in the file
UNIX_INSTALL. I would like to check a couple of points to see
if my understanding is correct:
1. My interpretation of the record locking support is that
SAMBA itself does not maintain any record locks itself. It
either gets UNIX to do it (via fcntl) and hence should
interwork with anything else that does the same (bugs
in rpc.lockd permitting for NFS), or fakes the locks.
2. One implication of the above is that on UNIXes that
support it, and on filesystems local to the SAMBA
server (i.e. the SAMBA server is not mounting them as an
NFS client) the same effect as strict locking (each
read/write checked) chould be obtain on particlar files
only by setting the enforcement mode locking bit on the
file's permissions.
3. Samba keeps track of the share modes itself and does not
share this information with anything else.
4. If 3) above is true then it does expose a locking
vulnerability between different clients because an SMB
client which has openned a file DENY_WRITE would probably
not bother using record locks to protect the file from being
written by other clients as no other client should have been
able to open it for writing. An NFS client could probably
also open the file DENY_WRITE and also write to it at the
same time as, as far as NFS is concerned, the file is not
locked.
5. Could be solved by having each system that serves PCs
share the share modes info by taking out record locks for
the whole file when one of DENY_READ or DENY_WRITE is used.
Should SAMBA have an option to do this?
If you can see any inaccuracies of flaws in what I have, or have
any other comments then please let me know.
--
Steve Fosdick Internet: fosdicsj@aom.bt.co.uk
Voice: +44 1473 642987 MSMAIL: BTEA/BTLIP23/FOSDICSJ
Fax: +44 1473 644607 BOAT: FOSDICSJ
Snail: B29/G34, BT Labs, Martlesham Heath, Ipswich, IP5 7RE, England.