R: [Samba] user are able to access "/" partition.

Gianluca Culot gianlucaculot at dmsware.com
Mon May 14 10:43:32 GMT 2007


> -----Messaggio originale-----
> Da: samba-bounces+gianlucaculot=dmsware.com at lists.samba.org
> [mailto:samba-bounces+gianlucaculot=dmsware.com at lists.samba.org]Per
> conto di Dhillon, Gurjit
> Inviato: lunedi 14 maggio 2007 11.37
> A: samba at lists.samba.org
> Oggetto: [Samba] user are able to access "/" partition.
>
>
> Hi All.
>
>
>
> We have a samba server at our location. We are facing out with some
> issue. User who have the account on the server are able to access "/"
> root access.
>
> I have tried to add an extra line In Home sharing, which is "path = %H",
> this lined solved my issue, but gave other issue. After implementing
> this line under Home share, I am not able to open any other user's home
> directory which is shared to me or have access to open. If I try to
> access other user home, it simply open my own home directory, even the
> directory which I am not author... , I endup opening my own home
> directory instead of getting error.
>
>
>
> Can any one out some light in this issue, how can I configure My samba,
> where I can access other's shared home directory and stop other user to
> access "/" partition.
>
>
>
>
>
> Below is the output of configuration file. There are 2 conf file ,
> /etc/samba/smb.conf and /usr/samba/lib/smb.conf.NU-DEV0
>
>
>
> Cat  /etc/samba/smb.conf
>
>
>
> # Global parameters
>
> [global]
>
>         workgroup = TEST
>
>         server string = Test Samba Server
>
>         security = share
>
>         encrypt passwords = Yes
>
>         passwd program = /usr/bin/passwd %u
>
>         passwd chat = *ew*password:* %n\n *e-enter*new*password:* %n\n
>
>         max log size = 5000
>
>         log level = 2
>
>         name resolve order = host
>
>         socket options = TCP_NODELAY
>
> #       vfs objects = sgistats
>
>         use sendfile = No
>
>         max xmit = 65535
>
>         strict locking = no
>
>         printcap name = lpstat -t
>
>         os level = 0
>
>         oplocks = No
>
>         kernel oplocks = No
>
>         level2 oplocks = No
>
>         preferred master = No
>
>         local master = No
>
>         domain master = No
>
>         dns proxy = No
>
>         comment = Samba %v
>
>         guest account = guest
>
> #WARNING: The "printer admin" option is deprecated
>
> #       printer admin = lp
>
>         printing = bsd
>
>         print command = /usr/samba/bin/sambalp %p %s %U %m
>
> #       dmapi support = yes
>
>
>
> smb passwd file =
> /usr/samba/dmf/journals/.samba/CAENFS/private/smbpasswd
>
> private dir = /usr/samba//dmf/journals/.samba/CAENFS/private
>
> log file = /usr/samba/dmf/journals/.samba/CAENFS/log/log.%m
>
> #lock dir = /usr/samba/dmf/journals/.samba/CAENFS/locks
>
> #pid directory = /dmf/journals/.samba/CAENFS/locks
>
> #bind interfaces only = yes
>
> netbios name = nu-dev0
>
> #interfaces = 143.5.145.55/255.255.255.192
>
> include=/usr/samba/lib/smb.conf.%L
>
>
>
> include=/usr/samba/lib/smb.conf.%L is  opening a file called
> /usr/samba/lib/smb.conf.NU-DEV0
>
>
>
> cat /usr/samba/lib/smb.conf.NU-DEV0
>
>
>
> [homes]
>
>         comment = Home Directories
>
>         read only = No
>
>         max connections = 5
>
>         browseable = YES
>
>
>
>
>
> [temp]
>
>         comment = test temp dirctory
>
>         path = /temp
>
>         admin users = bf6364, be9532
>
> #        write list = be9532
>
> #       browseable = Yes
>
>         read only = No
>
>
>
>
>
>
>
>
>
> Thanks
>
> Gurjit Dhillon
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba
>

I would try to add
path = /usr/home
into [home] section

or some reason it's likely your implementation of samba is defaulting path
to
path = /

this could be considered a security breach.... but... just add path to the
section and try again




More information about the samba mailing list