Temp files created on read-only share
Bill Grzanich
organix4 at mindspring.com
Wed Nov 14 08:07:02 GMT 2001
Hello, All.
We have Samba 2.0.7 running on Red Hat 6.2 (up for 351 days!) and have discovered the following
anomaly:
There is a share called "appsg" that contains a number of folders, including one called
OfficeTemplates. The share definition in smb.conf is:
[appsg]
comment = Apps in Applications
path=/home/applications/apps
public = No
read only = Yes
write list = @staff
printable = No
The other day we noticed that for one user, Jared, Word was opening temporary files in the
OfficeTemplates folder on that share. These files were like ~normal.dot, and were being created
read-write! From his PC, we attempted to create or save a file to the above share, but the process
was denied because the share is read-only to everyone but the I.T. staff. (As expected.)
It turns out that his Word was configured to point at the share for his user templates. When we
changed that so user templates were on his local C:\ drive, and the workgroup templates location
was the appsg\OfficeTemplates folder, these temporary files did not appear.
The question is: why did Samba allow Word to create the temporary files on the read-only share? No
warning was received, nor was anything logged in the Samba logs. Now that we have his Office
configured properly, it's not an issue, but I'm at a loss for an explanation, and the NT guys here
are laughing up their sleeves at this perceived security hole in Linux/Samba.
Thanks very much for any clues.
--
Bill Grzanich
IT Manager
ORGANICS/LaGrange, Inc.
More information about the samba
mailing list