Gregg Dionne
2001-Oct-15 17:06 UTC
Unix permissions not blocking access on samba shared drive
Hi,
I have a strange permissions problem in that my pc clients have access to
unix directories they shouldn't. I have a share "backups" (samba
2.0.8)
pointing to a linux (RH6.1) directory with sub-directories for each user.
The linux permissions are set to 700 for each dir, and each dir is owned by
the user, with a common gid. When the backups directory is mapped to client
pc's (win 98, win 2k) the users should only be able to access their own
directory, However in this case, each user has unlimited acces to all
directories. What am I doing wrong?
security = user
[backups]
comment = /directories for network backups
path = /u02/backups
public = no
guest = no
writable = yes
directory mode = 0777
create mode = 0777
Ries van twisk
2001-Oct-15 22:26 UTC
Unix permissions not blocking access on samba shared drive
> directory mode = 0777 > create mode = 0777Samba will create the file word read/write/executable. Possible you need to set it like this: directory mode = 0600 create mode = 0600 Whenever a file or directory is written it's created with user RW permissions and that's it. You can change it to 0660 to give RW group access aswell In your case a file will be created with all access permissions for group, user and everyone else (0777) which is a bad idea. Ries> Hi, > > I have a strange permissions problem in that my pc clients have access to > unix directories they shouldn't. I have a share "backups" (samba 2.0.8) > pointing to a linux (RH6.1) directory with sub-directories for each user. > The linux permissions are set to 700 for each dir, and each dir is owned by > the user, with a common gid. When the backups directory is mapped to client > pc's (win 98, win 2k) the users should only be able to access their own > directory, However in this case, each user has unlimited acces to all > directories. What am I doing wrong? > > security = user > > [backups] > comment = /directories for network backups > path = /u02/backups > public = no > guest = no > writable = yes > directory mode = 0777 > create mode = 0777 > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba