[Samba] User can delete file when they have no read/write access
Esben Laursen
hyber at hyber.dk
Fri Jun 20 21:51:31 GMT 2003
Im haveing a problem with my profiles share on my Samba 2.2.3 PDC server.
I have a share like this:
[profiles]
path = /home/samba/profiles
writeable = yes
create mask = 0700
directory mask = 0700
browsable = no
valid users = root, at smbusers
The roaming profile works just fine with windows2k, and the users can't read the other profiles (they get a "access denied" if they try to access another profile then their own) thats great, BUT they can delete the other profiles.
It aint only the profiles share but all files, and thats pretty much a problem here =)
Here is a ls of the profiles directory:
linux:/home/samba/profiles# ls -l
total 12
drwx------ 14 emma emma 4096 Jun 19 22:18 emma
drwx------ 19 esben esben 4096 Jun 17 20:00 esben
drwx------ 14 root root 4096 May 17 21:13 root
linux:/home/samba/profiles#
So the user esben cant read the emma folder but he can delete it witch is pretty bad =)
How can I fix this?
Kind Regards
Esben
Ps. Here is my [global] section:
[global]
netbios name = linux2
server string = Samba %v on %L
workgroup = domain
add user script = /usr/sbin/useradd -d /dev/null -g nobody -s /bin/false -M %u
os level = 65
prefered master = yes
domain master = yes
local master = yes
domain logons = yes
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 SO_RCVBUF=8192
time server = yes
hide dot files = yes
security = user
guest ok = no
invalid users = bin deamon sys man mail ftp
admin users = @root
domain admin group = root, at admins
encrypt passwords = yes
log level = 2
log file = /var/log/samba/log.%L
max log size = 1000
debug timestamp = yes
syslog = 1
hosts allow = 192.168.1. 127. 62.79.110.
; user roaming profiles path
logon path = \\%L\profiles\%u
client codepage = 850
valid chars = æ:Æ ø:Ø å:Å
logon script = logon.bat
More information about the samba
mailing list