[Samba] Windows file permission abilities?

S Clark smc+samba at dogphilosophy.net
Wed Mar 9 03:48:24 GMT 2005

On Tuesday 08 March 2005 07:08 pm, Aaron P. Martinez wrote:
> Most importantly i'm wondering if it can implement the create dir/append
> to file permissions.  My client wants users to be able to create files
> on the server but have only a few people who can actually delete the
> files.  I thought about using the "force user" and umask properties, but
> wondered if when using samba as a domain controller the file permissions
> would be the same as window's file permissions or if that is a function
> of ntfs and samba always uses the unix file permissions.

I'm trying to find this out myself on behalf of a Windows guy who is trying to 
do this for some reason.  To be honest, I'm still not sure what good it does 
- if you can WRITE to a file, you can effectively delete it.  (Overwrite it 
with a different file and rename it.  Literally no different than deleting 
the original file then writing a new one, if NTFS handles deletions the same 
way that FATxx does (new file begins writing in the spot last vacated by the 
most recently deleted file...).  As far as I know, "append only" isn't very 
useful for most file - if I understand correctly (for example) when you load, 
edit, and save a "Microsoft Word" file, it completely re-writes the file, it 
doesn't just add changes to the end.  (The one possible use for append-only 
that I can think of would be for plain-text log files...)

Nonetheless, somewhere along the way I got the impression that Samba would 
store the windows permissions bits as extended attributes, just as it does 
(or at least can) with DOS attributes.  I'm not sure where I got this 
impression, though, and even if it stores the attributes I don't know if it 
enforces them.

Nobody's stepped up yet to say one way or another whether Samba handles 
Windows file permissions or not in the last couple of days since the question 
came up.

> Second thing that the client is requesting is for files on the server to
> not be able to be copied to a remote storage device (prevent theft).
> Lets say the user is at a workstation and her logon permits her to read
> a specific file on the samba server.  She has a dvd burner or a usb
> external drive, he doesn't want her to be able to copy the file either
> directly to the device or to copy it to a local drive and then burn it.
> He does however want the user to be able to burn dvds of locally stored
> data, or from the user's samba $home directory.  I suspect this isn't
> very feasible as if you can read the data you should be able to copy it
> to your local machine and then put it wherever you want, but i figured
> i'd doublecheck.

Literally impossible, as far as I know - as you say, if you can read it, you 
can copy it somewhere else.  One alternative that would take some bureaucracy 
to implement would be to take away all "end-user" portable media (block off 
the USB storage options, remove DVD-R's and CD-R's, etc.) and set up a 
CENTRAL place, overseen by a trusted administrator, where users save files 
that they want saved to portable media.

It'd be a huge hassle, but it WOULD at least give you controls over what files 
get exported to portable media - if the data is sensitive enough it might be 
worth it.

More information about the samba mailing list