[Samba] Unexpected behaviour with ACL GROUP CONTROL

Jeremy Allison jra at samba.org
Sun May 14 21:55:17 GMT 2006

On Sun, May 14, 2006 at 10:21:20PM +0100, Roger Lucas wrote:
> What I found was that if I set the "ACL GROUP CONTROL = TRUE" setting in
> SMB.CONF, then any user could change the ACL for a file/folder if they were
> a member of the primary GID of the file/folder even if that primary GID did
> not have write access.

Yes, that's by design.

> I checked the code in "source/smbd/posix_acls.c" and as far as I can tell it
> only checks that the user is a member of the group that the file has as its
> primary GID but it doesn't check that the primary GID also has write access
> to the file.  You could, for example, have a "0700" set of UNIX access flags
> and a user who was a member of the primary GID could still change the
> ACL.
> Is my understanding correct?
> If it is, is there a known work-around?

No - it treats anyone who is in the primary group owner as though
they were the owner of the file. The owner of a file can change
the ACL even if they don't have write access.

This is how it's supposed to work (and does when a file is owned
by a group on Windows).
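
As an added illustration (not part of the original message and not Samba's code), the Python sketch below models the rule described in this thread and lists entries under a share path whose group class lacks write permission, which are the ones where members of the primary group can still change the ACL once `acl group control` is enabled. The function names and the sample files are constructed for the example.

```python
import os
import stat
import tempfile


def may_change_acl(st_uid, st_gid, uid, gids, acl_group_control):
    """Model of the rule as stated in the thread (hypothetical helper).

    The owner may always change the ACL; with acl group control enabled,
    any member of the file's primary group is treated like the owner.
    The file's mode bits are deliberately not consulted.
    """
    if uid == st_uid:
        return True
    return bool(acl_group_control and st_gid in gids)


def audit_share(root):
    """Return (path, gid, mode) for entries whose group has no write bit.

    These are the entries where the mode suggests the group cannot modify
    anything, yet group members could still rewrite the ACL.
    """
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            if stat.S_ISLNK(st.st_mode):
                continue  # symlink modes are not meaningful here
            if not st.st_mode & stat.S_IWGRP:
                findings.append((path, st.st_gid, stat.S_IMODE(st.st_mode)))
    return sorted(findings)


def demo():
    """Build two constructed sample files and audit them."""
    with tempfile.TemporaryDirectory() as root:
        private = os.path.join(root, "private.txt")  # the 0700 case from the thread
        shared = os.path.join(root, "shared.txt")    # group already has write access
        for path in (private, shared):
            open(path, "w").close()
        os.chmod(private, 0o700)
        os.chmod(shared, 0o660)
        return [(os.path.relpath(p, root), oct(m)) for p, _gid, m in audit_share(root)]


if __name__ == "__main__":
    for rel, mode in demo():
        print(f"{rel} mode={mode}: group members can change the ACL if acl group control is on")
```
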

