[Samba] samba acl - able to change permissions that contradict user security setting

Chris Smith smb_77 at chrissmith.org
Wed Sep 8 08:55:23 MDT 2010


On Wed, Sep 8, 2010 at 1:43 AM,  <suresh.kandukuru at emc.com> wrote:
> 1) created share "test" given read and write access to the user "admin" and read only access to user "user1".
>
> 2) from my windows PC logged into the samba share  "test " with "admin"  user . created subfolder in that "test_subfolder".
>
> 3) on that subfolder  , from the windows security tab I could add user "user1" and can give read and write access to  that.
> How to prevent this ??. Actually on the share "test" user1 has read only access .How samba code is allowing to change permissions that contradict user security settings.
>
> 4) when I login to share "test" with "user1" , I cannot write into subfolder "test_subfolder"

Seems perfectly normal. Share level security will take precedence over
file level security when connected via the share. I'm sure you would
find the same results working with an actual Windows share (always a
good thing to test before you post).


More information about the samba mailing list