Fwd: Samba client delete's root-only files

Nik Sands Nik.Sands at utas.edu.au
Fri Feb 2 04:35:42 GMT 2001

FIXED!  I've solved my problem.

I had a basic misunderstanding of UNIX delete permissions.  I always 
thought that delete permissions were based on the write permissions of the 
FILE being deleted.  However, it is actually based on the write permissions 
of the DIRECTORY in which that file is stored.

This is something to keep in mind when assigning directories for SAMBA 
shares.  If the directory has group write permission, then anyone in that 
group can delete anything in that directory they like.

>Date: Fri, 02 Feb 2001 12:25:32 +1100
>I'm a newbie, so I hope that this is question has not been answered a 
>thousand times... I couldn't find it in the archives...
>This problem exists on some of the SAMBA servers here but not on 
>others.  I want to be able to have several users writing to a SAMBA share, 
>but not to be able to modify or delete each others files.
>I have found that anyone can delete anyones files no matter who owns them 
>or what permissions are on those files.
>For the sake of testing, I created (on the UNIX side) a file in the 
>directory used for such a SAMBA share and changed its 
>ownership/permissions such that it had read access for root (owner) and no 
>other access at all for any group or world.
>However, any user connected to that share from Windows can delete such a 
>file.  This is a big problem for me!!!
>Note that such users cannot read the file (as it should be) but they can 
>delte it (from Windows), even though, at the UNIX level, they shouldn't be 
>able to do either.
>Is SAMBA supposed to respect the UNIX permissions?  I thought that the man 
>page indicated that it would not override UNIX permissions.
>Any help would be greatly appreciated.
>NIK SANDS - Systems Administrator    MailTo:Nik.Sands at utas.edu.au
>Information Technology Services             Phone: +61-3-63243732
>University of Tasmania, Australia             Fax: +61-3-63243081

