[Samba] Strange share behavior
Michael B. Trausch
mike+gmane at trausch.us
Thu Mar 11 11:02:31 MST 2010
On 03/11/2010 09:28 AM, Matthew Daubenspeck wrote:
> Hide unreadable works great, users cannot see any directories that they
> do not have access to. However, they can still create folders in the
> root of the share (/home/samba/share). I've even changed the perms of
> that directory to 000, and still users can create directories there. Am
> I missing something?
Have you patched your Samba 3.5.0 with the patch for CVE-2010-0728 yet?
See http://samba.org/samba/history/security.html for info; essentially
the problem was that Samba 3.5.0 (and 3.4.6, and 3.3.11) would ignore
permissions for various things.
I know that I had setup a Samba 3.5.0 PDC for a client of mine, and
thought that I had it setup correctly, but they were able to perform
actions that they did not have proper permission to do. When I applied
the patch for CVE-2010-0728, I had to do some reconfiguration to grant
them access to some shares and files that they then no longer had access to.
More information about the samba