[Samba] Restricting samba subfolder acl changes to admin users
suresh.kandukuru at emc.com
suresh.kandukuru at emc.com
Fri Oct 15 07:28:30 MDT 2010
Volker I will send the log,
why it does not matter here if user1 is owner of the subfolder and has read only access on it?.
my Q is though user1 has read only access on subfolder "testsubfldr", he is able to change it to the write , since user1 has write access on the share.
cannot samba disallow acl changes on the subfolder "testsufldr" for the user user1 since has read access for it , though he has write access on the share?.
Thanks
Suresh
-----Original Message-----
From: Volker Lendecke [mailto:Volker.Lendecke at SerNet.DE]
Sent: Friday, October 15, 2010 4:51 PM
To: Kandukuru, Suresh
Cc: samba at lists.samba.org; jra at samba.org
Subject: Re: [Samba] Restricting samba subfolder acl changes to admin users
On Fri, Oct 15, 2010 at 07:09:02AM -0400, suresh.kandukuru at emc.com wrote:
> once final Q is ,I have admin user in NAS . for a share
> "test" , he has given write access to user "user1 " and
> read access for a subfolder -> "testsubdir" in share
> "test" .
> when user1 logged into share "test", he could not write
> into "testsubdir". obviously it is because he has read
> access on the folder an most restrictive access will be
> effective.
>
> and the problem is since the user1 has write access to
> share , he is able to change the read access on the sub
> folder by himself. why samba is allowing this ? since
> effectively user1 has read access on the sub folder
> "testsubdir" it should deny acl changes on that right?.
Who is the file owner of "testsubdir"? You can find out who
is the owner with the command "ls -ld testsubdir". If user1
is the owner, then it does not matter if user1 has only read
access. If user1 is not the owner, then we might have a bug
in Samba. Please send us your smb.conf configuration file
and a debug level 10 log of the smbd allowing this
operation.
Thanks in advance,
Volker Lendecke
More information about the samba
mailing list