Mabe bug in Force User given root permission to all files.

Przemek Sobieski sobol at sobol.org
Tue Dec 12 03:53:48 GMT 2000 

Hello
I think I find some bug in samba.
When i user option force user or force group and restart deamons peoples
who log in samba get root perrmision to all files.

I'll give hie config of my system etc. :
 
All permisions work fine with this:
[Poczta]
   comment = Poczta
   path = /shells/Poczta
   read only = no
   public = no
   write list = @admins
   writable = yes
   printable = no
   force directory mode = 771
   force create mode = 771
   valid users = @poczta 


But when i Add force user and group:

[Poczta]
   comment = Poczta
   path = /shells/Poczta
   read only = no
   public = no
   write list = @admins
   writable = yes
   printable = no
   force directory mode = 771
   force create mode = 771
   force group = poczta
   force user = szef
   valid users = @poczta 

Any user can browse "Poczta" ! any user can do enything with files.
Get root access to them.

rights for poczta is:
ls -l /shells/* |grep poczta

drwxrwx--x    8 root     poczta       4096 gru  8 17:36 Poczta

cd /shells/poczta
ls -l 

-rwxrwxr-x    1 szef     poczta       2143 gru  9 15:40 Kosz
-rwxrwxr-x    1 szef     poczta      65536 gru  9 15:40 Kosz.snm
-rwxrwxr-x    1 szef     poczta          0 gru  6 16:40 Nie wyslane
-rwxrwxr-x    1 szef     poczta      16384 gru  6 16:40 Nie wyslane.snm
-rwxrwxr-x    1 szef     poczta       7146 gru  9 15:40 Przychodzaca
-rwxrwxr-x    1 szef     poczta      21328 gru  9 16:06 Przychodzaca.snm        
......

This is part of /etc/passwd and /etc/group


cat /etc/passwd |grep szef

szef:x:1007:100:Szef User,,,:/shells/szef:/bin/bash    

cat /etc/group | grep poczta

poczta:x:125:serwis1,serwis2,handel1,handel2,asystent1,asystent2,szef   

I'm using samba on debian OS my version is:
dpkg -l |grep samba
ii  samba          2.0.7-3

I must i tried to make my own .*deb form source, same problem. I compiled
it also from source, same problem.

Plz help me, mabe i do something wrong. In attachment i give u my samba
config part of passwd and group file and listing of /shells .
-------------- next part --------------
A non-text attachment was scrubbed...
Name: files.tgz
Type: application/x-gtar
Size: 7276 bytes
Desc: 
Url : http://lists.samba.org/archive/samba-technical/attachments/20001212/56ae2384/files.gtar

More information about the samba-technical mailing list