Last weekend I upgraded from 2.2.7a to 2.2.8 because of the security problems. Unfortunately 2.2.8 is not only security upgrade but also contains some improvements one of which is backport of ACL code from 3.x Since the upgrade I have problems with rights. In a directory with empty ACL for the creator group and the same default ACL files created by samba have rwx set while files created in shell have (expected) empty ACL for the group). I can describe it in detail if anyone is interested. I have to solve this at once because in this state new files have very dangerous permitions. I thought about one of these possibilities: 1) to find a Samba-ACL documentation (I believe it does not exist) and make correct the behavior 2) to use 2.2.7a and aply only the security patch, without other changes. Does it exist anywhere? 3) to use 2.2.8 but with old ACL code. Is it sufficient to use some files from 2.2.7a or is it necessary to do something else? -- Honza Houstek
On Tue, Mar 18, 2003 at 01:59:00PM +0100, Jan Houstek wrote:> Last weekend I upgraded from 2.2.7a to 2.2.8 because of the security > problems. Unfortunately 2.2.8 is not only security upgrade but also > contains some improvements one of which is backport of ACL code from 3.x > > Since the upgrade I have problems with rights. In a directory with empty > ACL for the creator group and the same default ACL files created by samba > have rwx set while files created in shell have (expected) empty ACL for > the group). > > I can describe it in detail if anyone is interested.Yes I'm interested. Can you give me a lot more detail on how you reproduce this (users, groups, used - user you log into on the Samba server, what application you create the files with etc.). Thanks, Jeremy.