Keeping clients out of some file systems

Ronald Kuetemeier ronald at
Sun May 13 00:28:56 GMT 2001

I have implemented a first version for Michael, which blocks on
mount points. A sample smb.conf and samba-block.conf is included in
the attached file. 
Works as follows:
	On connection read /etc/samba-block.conf and create list
	ON opendir check if dir is a link and if this link is in
            the list, iff so set EACCESS (permission denied) and
            the user sees the appropriate err msg. Log the access
            into the log file( for perl removal scripts ...)

Extending it to dirs should be no problem since I saw that coming ...


BTW: This is a vfs module, so it requires 2.2.x with vfs enabled.
And if you guys don't like attached tgz files let me know.

In-Reply-To: <20010512.102619.00528793.okuyamak at>; from okuyamak at on Sat, May 12, 2001 at 10:26:19AM +0900

On Sat, May 12, 2001 at 10:26:19AM +0900, okuyamak at wrote:
> Dear Michael,
> >>>>> "MG" == Michael Gerdts <Michael.Gerdts at> writes:
> MG> Typically to keep clients out of file systems that they should not be
> MG> poking around on (/ /usr, /var, ...) you have to use "wide links = no",
> MG> which apparently has performance problems.
> MG> Generally, I don't care if people have symbolic links that point out of
> MG> their shares, so long as they don't give away information that they can't
> MG> already get through NFS.  That is, if Alice has a symbolic link to Bob's
> MG> home directory, I don't care.  If Alice has a symbolic link to /, I care.
> MG> Perhaps a new option, "hide filesystems" would be useful.
> MG> 	hide file systems = / /opt /usr/local
> Beside performance, we sometime needs to share some partial directories.
> For example, we might need to hide /home except for /home/<that
> user>, and /home/share.
> Maybe we need 'jail' support too.
> By the way, followings are the directories I think we should not
> share with Samba, nor have example about it. Any opinion?
> * Directories that subdirectories might need to share, but should
>   not share itself:
> /, /var, /home, 
> * Directories that subdirectories also should not be shared:
> /etc, /bin, /lib, /sbin, /usr/sbin, /usr/bin, /usr/lib, /usr/share,
> /usr/local/bin, /usr/local/share, /usr/local/lib, /usr/local/sbin,
> /usr/X11*,
>  /var/* except for /var/spool in case of printing,
> /usr/local/samba ( or any other place where samba and it's setting exists ),
> /opt /usr/lpp and other 'OS dependent' directories for binaries.
> # rules so far:
> # 1) we should not share directories which can lead to anywhere.
> # 2) we should not share binaries ( which never runs on Windows )
> #    nor libraries
> # 3) we should not share any setting files about the server.
> # 4) we should not share any log, etc. which gives cracker extra hint
> #    about the server
> # 5) we should not, among all, share samba directories which we might
> #    give tremendeus hints of cracking.
> ---- 
> Kenichi Okuyama at Tokyo Research Lab. IBM-Japan, Co.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: vfs-block.tgz
Type: application/x-tar-gz
Size: 2871 bytes
Desc: not available
Url :

More information about the samba-technical mailing list