[Samba] samba says "you have right" but I must not have right
(Important - SECURITY ISSUE)
abartlet at samba.org
Fri Jan 9 21:45:16 GMT 2004
On Fri, Jan 09, 2004 at 02:25:08PM +0100, stephane.purnelle at corman.be wrote:
> My Samba 3.0.1 is configured with LDAP SAM and ACL on XFS filesystem.
> For a test, I added my user to the group "cadres". This group is in ACL
> definition of my directory.
> # file: Projets
> # owner: root
> # group: root
> In my explorer, the directory Projets appear, the directory is available.
> After, I modifed my group "cadres" and I supress my account from group.
> since more than 1 hour, I can see and acces to directory but in unix
> console I cannot and I must don't access to this directory.
> The only possibility than I have is : "killing my connection with SWAT"
> I looking the source and I think that is the NT_USER_TOKEN information is
> not updated after connection or if these informations is updated not
> I propose that samba refresh correcly these information every five minutes
> or a parameter REFRECH_USRE_INFO in smb.conf.
You will find that all Unix, NT and Win2k systems function in this way. A
user's group permissions last until they logout.
More information about the samba