Permission question.

Cole, Timothy D. timothy_d_cole at md.northgrum.com
Tue Aug 10 14:58:19 GMT 1999 

Most likely you're getting bitten by differences between NT and POSIX
semantics.

In NT, you must have delete permission on an object to delete it.

In a POSIX environment, there is no notion of delete permission for objects
-- write permission on the object's container is sufficient.  I think this
is partly because unlinking an object in a POSIX environment does not
necessarily imply deleting it (i.e. if there are other links to it).

Two possible workarounds, which may or may not be applicable to your
situation:

 1. set the "delete readonly = no" option in your smb.conf -- actually ...
that will only prevent users from deleting files that the owner does not
have write access to.  Unfortunately, the semantics of this option seem to
have changed -- I believe it used to prevent users from deleting files that
they themselves did not have write access to themselves.  I think that may
be a consequence of the change in the way "map readonly" is handled.

A second general problem with the first approach is that any user with
direct access to the Unix side will be able to circumvent this restriction.
It is generally better to employ "native" controls whenever possible.
Hence, my second suggestion:

 2. set the "sticky" bit on the directories.  That will prevent anyone
except the owner of the file and the owner of the directory from deleting it
(the owner of the file must still have write permission on the directory).

If that doesn't meet your needs (at least not by itself), then it might be
possible to play some games with groups (notably Samba's "force group"
option), too, although I would need to know more about your specific
requirements before I could suggest anything concrete.

> -----Original Message-----
> From:	Brian Stephens [SMTP:brian.stephens at sdrc.com]
> Sent:	Tuesday, August 10, 1999 8:14
> To:	Multiple recipients of list SAMBA-TECHNICAL
> Subject:	Permission question.
> 
> I have just started testing SAMBA (2.0.5a & 2.0.4) and have is setup on
> HP, SGI, SUN, and IBM and all are accessed by several NT machines, the
> problem that I have is that I can delete files on the unix machines from
> the NT machines that I should not have permission do delete. The product
> that I am testing for has a PDM related package that uses Impersonation
> to write files for security reasons, if the end user can open a window
> and delete file then we will be unable to use Samba.
> Any thoughts on this issue and what setting I may have wrong?
> 
> Thanks for any input.
> Brian Stephens
> SDRC - Staff Technologists

More information about the samba-technical mailing list