Temp files created on read-only share

Bill Grzanich organix4 at mindspring.com
Thu Nov 15 07:09:09 GMT 2001 

Hi, Joel.

(Comments at end)

>On Wed, Nov 14, 2001 at 10:06:57AM -0600, Bill Grzanich wrote:
>> Hello, All.
>> 
>> We have Samba 2.0.7 running on Red Hat 6.2 (up for 351 days!) and have discovered the following 
>> anomaly:
>> 
>> There is a share called "appsg" that contains a number of folders, including one called 
>> OfficeTemplates.  The share definition in smb.conf is:
>> 
>> [appsg]
>>         comment = Apps in Applications
>>         path=/home/applications/apps
>>         public = No
>>         read only = Yes
>>         write list = @staff
>>         printable = No
>> 
>> The other day we noticed that for one user, Jared, Word was opening temporary files in the 
>> OfficeTemplates folder on that share.  These files were like ~normal.dot, and were being created 
>> read-write!  From his PC, we attempted to create or save a file to the above share, but the 
process 
>> was denied because the share is read-only to everyone but the I.T. staff. (As expected.)
>> 
>> It turns out that his Word was configured to point at the share for his user templates.  When we 
>> changed that so user templates were on his local C:\ drive, and the workgroup templates location 
>> was the appsg\OfficeTemplates folder, these temporary files did not appear.  
>> 
>> The question is: why did Samba allow Word to create the temporary files on the read-only share?  
No 
>> warning was received, nor was anything logged in the Samba logs.  Now that we have his Office 
>> configured properly, it's not an issue, but I'm at a loss for an explanation, and the NT guys 
here 
>> are laughing up their sleeves at this perceived security hole in Linux/Samba.
>> 
>> Thanks very much for any clues.

Original message from: Joel Hammer
>Just a few ignorant questions/comments here.
>Isn't this really a security issue for Word?

Probably.  I was just curious if anyone else had observed similar behavior and perhaps had an 
explanation for why this was happening.

>Would an NT server allow this to happen to it?

Good question.  We may have to try that.

>To track down this problem, I would set log level =3, misconfigure his Word
>again, and watch the interaction.

Yes, also a good idea.  

>Would changing permissions on the /home/applications/apps directory get
>around this? Making the linux directory writable only by staff might prevent
>this. 

That's what we have, isn't it?  Oh, you mean the Linux permissions!  That would likely work, but 
shouldn't Samba have accomplished the same thing?  And that's the real point of my original 
message.  Why did Samba allow this?  Frankly, it's moot at this point, but still odd.

>Is security by share or by user? What user name does samba run under if
>security = share ?

Security = domain.  We have NT servers for PDC and BDC, and users authenticate against them.

Thanks for the suggestions.  That gives me something to try.  Of course, since this is a production 
machine, my options for playing are a bit limited, but I'll see what I can do.

Best regards,

-- 
Bill Grzanich
IT Manager
ORGANICS/LaGrange, Inc.

More information about the samba mailing list