Temp files created on read-only share

Joel Hammer Joel at HammersHome.com
Thu Nov 15 04:30:02 GMT 2001 

Just a few ignorant questions/comments here.
Isn't this really a security issue for Word?
Would an NT server allow this to happen to it?
To track down this problem, I would set log level =3, misconfigure his Word
again, and watch the interaction.
Would changing permissions on the /home/applications/apps directory get
around this? Making the linux directory writable only by staff might prevent
this. 
Is security by share or by user? What user name does samba run under if
security = share ?
Joel
On Wed, Nov 14, 2001 at 10:06:57AM -0600, Bill Grzanich wrote:
> Hello, All.
> 
> We have Samba 2.0.7 running on Red Hat 6.2 (up for 351 days!) and have discovered the following 
> anomaly:
> 
> There is a share called "appsg" that contains a number of folders, including one called 
> OfficeTemplates.  The share definition in smb.conf is:
> 
> [appsg]
>         comment = Apps in Applications
>         path=/home/applications/apps
>         public = No
>         read only = Yes
>         write list = @staff
>         printable = No
> 
> The other day we noticed that for one user, Jared, Word was opening temporary files in the 
> OfficeTemplates folder on that share.  These files were like ~normal.dot, and were being created 
> read-write!  From his PC, we attempted to create or save a file to the above share, but the process 
> was denied because the share is read-only to everyone but the I.T. staff. (As expected.)
> 
> It turns out that his Word was configured to point at the share for his user templates.  When we 
> changed that so user templates were on his local C:\ drive, and the workgroup templates location 
> was the appsg\OfficeTemplates folder, these temporary files did not appear.  
> 
> The question is: why did Samba allow Word to create the temporary files on the read-only share?  No 
> warning was received, nor was anything logged in the Samba logs.  Now that we have his Office 
> configured properly, it's not an issue, but I'm at a loss for an explanation, and the NT guys here 
> are laughing up their sleeves at this perceived security hole in Linux/Samba.
> 
> Thanks very much for any clues.
> 
> -- 
> Bill Grzanich
> IT Manager
> ORGANICS/LaGrange, Inc.
> 
> 
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba

More information about the samba mailing list