[Samba] Samba 4 security

steve steve at steve-ss.com
Wed Nov 30 02:48:12 MST 2011


Hi
Samba 4 from GIT yesterday. openSUSE 12.2 server and client test setup. 
Reproducible on an Ubuntu client too.

in smb.conf  have:

[homes]
path = /home
read only = no

On a linux client (eg using konqueror or dolphin or nautilus) I enter

smb://hh3/steve

where hh3 is the name of the samba server. Samba is not installed on the 
clients.

As a normal user, I can enter everyone else's /home folder and create 
and delete anything I want!

Surely this can't be correct. Anyone else?

Cheers

Steve.


More information about the samba mailing list