Temp files created on read-only share

Bill Grzanich organix4 at mindspring.com
Wed Nov 14 08:07:02 GMT 2001

Hello, All.

We have Samba 2.0.7 running on Red Hat 6.2 (up for 351 days!) and have discovered the following 

There is a share called "appsg" that contains a number of folders, including one called 
OfficeTemplates.  The share definition in smb.conf is:

        comment = Apps in Applications
        public = No
        read only = Yes
        write list = @staff
        printable = No

The other day we noticed that for one user, Jared, Word was opening temporary files in the 
OfficeTemplates folder on that share.  These files were like ~normal.dot, and were being created 
read-write!  From his PC, we attempted to create or save a file to the above share, but the process 
was denied because the share is read-only to everyone but the I.T. staff. (As expected.)

It turns out that his Word was configured to point at the share for his user templates.  When we 
changed that so user templates were on his local C:\ drive, and the workgroup templates location 
was the appsg\OfficeTemplates folder, these temporary files did not appear.  

The question is: why did Samba allow Word to create the temporary files on the read-only share?  No 
warning was received, nor was anything logged in the Samba logs.  Now that we have his Office 
configured properly, it's not an issue, but I'm at a loss for an explanation, and the NT guys here 
are laughing up their sleeves at this perceived security hole in Linux/Samba.

Thanks very much for any clues.

Bill Grzanich
IT Manager
ORGANICS/LaGrange, Inc.

More information about the samba mailing list