smbmount appears to subvert access permissions
Urban Widmark
urban at teststation.com
Tue Dec 18 03:36:04 GMT 2001
On 17 Dec 2001, Paul wrote:
> (1) I wish to mount a SMB share onto my Linux filesystem. When I
> mount the share, it modifies the permissions on the "mounting
> directory" allowing other users to gain access to the share,
> masquerading as the mounting user. Lucky it doesn't give write access
> to anyone, but read access is bad enough.
smbfs has one permission set for files and one for dirs. They are shared
by all files and dirs, including the root of the fs. You can change that
as well as who should own all files/dirs by setting appropriate flags
(uid/gid/fmask/dmask).
The reason for this simplification is that smbfs doesn't understand NT
permissions and even if it did it wouldn't know how to map that to a local
user.
Changing permissions on the root is probably just a bug.
> (2) I had originally wished to mount a share (shall we say 'home') and
> then allow individual users to access subdirectories under this share
> (eg 'home/user1', 'home/user2'). I had wanted individual users to
> operate under their own username, much like an NFS export. I am aware
> that there may be a problem with the user's identity (since the user
> is going to need UID-remapping). Is there anyway to achieve this
> goal? I would have liked the users to keep their unix 'home
> directory' with their Windows home directory.
Mount each users home dir individually. To keep the number of active
mounts down you may want to look at autofs or pam_mount.
/Urban
More information about the samba
mailing list