[Samba] Strange share behavior

Michael B. Trausch mike+gmane at trausch.us
Thu Mar 11 11:02:31 MST 2010

On 03/11/2010 09:28 AM, Matthew Daubenspeck wrote:
> Hide unreadable works great, users cannot see any directories that they
> do not have access to. However, they can still create folders in the
> root of the share (/home/samba/share). I've even changed the perms of
> that directory to 000, and still users can create directories there. Am
> I missing something?

Have you patched your Samba 3.5.0 with the patch for CVE-2010-0728 yet?

See http://samba.org/samba/history/security.html for info; essentially 
the problem was that Samba 3.5.0 (and 3.4.6, and 3.3.11) would ignore 
permissions for various things.

I know that I had setup a Samba 3.5.0 PDC for a client of mine, and 
thought that I had it setup correctly, but they were able to perform 
actions that they did not have proper permission to do.  When I applied 
the patch for CVE-2010-0728, I had to do some reconfiguration to grant 
them access to some shares and files that they then no longer had access to.

	--- Mike

More information about the samba mailing list