File permissions seem ok but users can delete other users files

Elrond elrond at samba.org
Wed Aug 2 17:27:37 GMT 2000


On Tue, Aug 01, 2000 at 08:52:55PM -0500, Peter Samuelson wrote:
> 
> [Adam <maillist at presinter.com.au>]
> > I have a problem with samba where users can't read or write to other
> > users' files but they can delete them. I want to prevent users from
> > deleting other users' files.
> 
> This is a Unix issue, not a Samba issue.  Samba is using standard Unix
> permissions, which state that in order to delete a file, you do *not*
> need any permissions on the file, but you *do* need write permission on 
> the directory the file is in.
> 
> This is quite confusing to the average Windows user, because Windows
> still uses the FAT filesystem, which doesn't have inodes.  Once you
> understand the relationship between Unix files, inodes, and directory
> entries, and why the C function unlink() is so named, Unix delete
> permissions make perfect sense.

Even on a FAT filesystem this would make sense (if it had
perms), because you need to modify the "file-contents" of
the directory. Yes, on FAT, directories are also organised
as files (their attribute just says "you're a directory").

This might be confusing to Windows users because, from one
point of view, there are no perms; from the other, you only
have the read-only attribute.

Oh, and NTFS:

This one is interesting:

Each object (file or directory) itself has a bit for
DELETE; if your ACL entry allows you to delete it, you may
do so.

If you have W-rights on a directory, you may create new
entries.

If you have "Full Control", this is more like Unix: You may
delete any file.

I don't remember if the right "delete any contained
object" has a special bit or is simply included in the
"full control" bit.

BTW: As I remember, "they" added this for
POSIX-conformance.


[...]


    Elrond
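
An added example, not part of the original thread: a small Python model of the Unix rule quoted above, in which deleting a file depends only on the caller's write and search permission on the containing directory. It goes beyond the messages by also modelling the sticky bit on the directory, which the thread does not mention; the uids, gid and directory modes are constructed sample values, and ACLs and capabilities are ignored.

```python
import stat


def dir_class_bits(dir_mode, dir_uid, dir_gid, uid, gids):
    """Return the rwx triplet (0-7) of the directory that applies to this caller."""
    if uid == dir_uid:
        return (dir_mode >> 6) & 7   # owner class
    if dir_gid in gids:
        return (dir_mode >> 3) & 7   # group class
    return dir_mode & 7              # other class


def may_unlink(dir_mode, dir_uid, dir_gid, file_uid, uid, gids):
    """Simplified classic Unix check for unlink().

    Note what is missing from the parameters: the file's own mode bits.
    They are never consulted when a directory entry is removed.
    """
    if uid == 0:
        return True  # superuser bypasses the permission check
    bits = dir_class_bits(dir_mode, dir_uid, dir_gid, uid, gids)
    if bits & 0o3 != 0o3:
        return False  # need write (2) and search (1) on the directory
    if dir_mode & stat.S_ISVTX:
        # Sticky directory: only the file's owner or the directory's
        # owner may remove the entry.
        return uid in (file_uid, dir_uid)
    return True


# Constructed scenario: a shared directory owned by root, group "staff" (gid 50);
# alice (uid 1001) and bob (uid 1002) are both members of that group.
ALICE, BOB, STAFF = 1001, 1002, 50


def scenario(dir_mode):
    """Who may delete a file owned by alice in a directory with this mode?"""
    return {
        "alice": may_unlink(dir_mode, 0, STAFF, ALICE, ALICE, {STAFF}),
        "bob": may_unlink(dir_mode, 0, STAFF, ALICE, BOB, {STAFF}),
    }


if __name__ == "__main__":
    # group-writable, group-writable + sticky, not group-writable
    for mode in (0o2775, 0o3775, 0o2755):
        print(oct(mode), scenario(mode))
```
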




More information about the samba-technical mailing list