[Samba] samba acl - able to change permissions that contradict user security setting

suresh.kandukuru at emc.com suresh.kandukuru at emc.com
Thu Sep 9 04:13:27 MDT 2010

  My Question was ,
1) we have a share "test" and user admin has RW access and user1 has R only access. from the windows PC , I have connected "test" share with user admin. and created subfolder "test_subfolder"
2) and on that sub folder admin user has given RW access to user user1 . Why samba is not preventing this, since user1 has R only access on that share  "test".??

Smith explained  this in last mail.

Thanks for asking


-----Original Message-----
From: Jeremy Allison [mailto:jra at samba.org] 
Sent: Thursday, September 09, 2010 9:13 AM
To: Kandukuru, Suresh
Cc: smb_77 at chrissmith.org; samba at lists.samba.org
Subject: Re: [Samba] samba acl - able to change permissions that contradict user security setting

On Wed, Sep 08, 2010 at 11:14:40AM -0400, suresh.kandukuru at emc.com wrote:
> Thanks smith for the quick reply. what I want to know is ,can not samba source code  prevent the changing setting rw access to "test_subfolder" user1 , since he has only read only access on  the share "test".

The processing of security on shares and security
in the underlying file system are completely separate.

A user who is only granted "read" access on a share
should not be able to change permissions on a directory
inside the share, as this is a write operation on an
underlying directory.

An "admin" user should be able to change such permissions
at will, as they have full root access to the exported

Can you explain a little more clearly what you are trying
to do (sorry, but I've been a little distracted by other
things at the moment) so I can understand if you are describing
a bug or not ?



More information about the samba mailing list