[Samba] Anyone can create empty files (v 3.5.11)
dan.carpenter at oracle.com
Mon Sep 26 12:18:09 MDT 2011
I've found a solution which is to just chmod o-rwx the directory so the
testuser doesn't have permission to open any files. That way it
can't open them with O_CREAT by mistake.
I'm still new at Samba but it seems to me like what happens is that:
1) I type "touch asdf" as testuser on the client.
2) The client doesn't know what permissions "asdf" has until it opens it.
3) It opens it as dcarpenter, because that's how I mounted the share.
4) The server says "Oh, fine. dcarpenter is permitted to open files"
5) After doing the open, the client now knows what the permissions are
   and I don't have permission to open the file. Unfortunately, I
   already just created it, so the client gives me a permission denied
   message and closes the file.
I haven't looked at this, but it might be possible to fix the Samba
client. If the client can see that testuser doesn't have write
permission to the directory, it could mask out the O_CREAT flag before
sending the open() to the server.
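As an added illustration (this is not code from the thread, nor from the kernel cifs client or Samba), here is a user-space sketch in C of the client-side idea above: compute from the directory's mode bits whether the *local* uid/gid may create entries in it, and if not, strip O_CREAT (and O_EXCL, which only matters together with O_CREAT) before issuing the open, so the request can only open an existing file and never leaves an empty one behind. The helper names (dir_writable_for, mask_create_flags, checked_open, create_attempt, demo_in_tmpdir) and the temp-dir demo are assumptions made for this example.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper: decide from a directory's mode bits whether uid/gid
 * may create entries in it, using plain POSIX class selection
 * (owner, else group, else other; root bypasses DAC). */
int dir_writable_for(const struct stat *st, uid_t uid, gid_t gid)
{
    if (uid == 0) return 1;
    if (st->st_uid == uid) return (st->st_mode & S_IWUSR) != 0;
    if (st->st_gid == gid) return (st->st_mode & S_IWGRP) != 0;
    return (st->st_mode & S_IWOTH) != 0;
}

/* The masking step the post speculates about: if the local user may not
 * create files here, drop O_CREAT|O_EXCL so the open can only succeed on
 * a file that already exists (a missing file then fails with ENOENT). */
int mask_create_flags(int flags, const struct stat *dir_st, uid_t uid, gid_t gid)
{
    if ((flags & O_CREAT) && !dir_writable_for(dir_st, uid, gid))
        flags &= ~(O_CREAT | O_EXCL);
    return flags;
}

/* Open `path` after checking its containing directory as uid/gid sees it.
 * Note the check and the open are two separate steps, so this is advisory
 * only; real enforcement has to happen on the server. */
int checked_open(const char *path, int flags, mode_t mode, uid_t uid, gid_t gid)
{
    char dir[PATH_MAX];
    struct stat st;
    const char *slash = strrchr(path, '/');
    size_t n = slash ? (size_t)(slash - path) : 0;

    if (n == 0) {
        strcpy(dir, slash ? "/" : ".");        /* "/foo" -> "/", "foo" -> "." */
    } else {
        if (n >= sizeof dir) { errno = ENAMETOOLONG; return -1; }
        memcpy(dir, path, n);
        dir[n] = '\0';
    }
    if (stat(dir, &st) != 0) return -1;
    return open(path, mask_create_flags(flags, &st, uid, gid), mode);
}

/* Try "touch dirpath/name" as uid/gid through checked_open and report whether
 * a file is on disk afterwards: 1 = yes, 0 = refused (nothing created),
 * -1 = some other error. */
int create_attempt(const char *dirpath, const char *name, uid_t uid, gid_t gid)
{
    char path[PATH_MAX];
    struct stat st;
    if (snprintf(path, sizeof path, "%s/%s", dirpath, name) >= (int)sizeof path)
        return -1;
    int fd = checked_open(path, O_WRONLY | O_CREAT, 0644, uid, gid);
    if (fd >= 0) close(fd);
    else if (errno != ENOENT) return -1;
    return stat(path, &st) == 0 ? 1 : 0;
}

/* Run create_attempt in a fresh private (mode 0700) temp dir and clean up. */
int demo_in_tmpdir(uid_t uid, gid_t gid)
{
    char tmpl[] = "/tmp/cifs-demo-XXXXXX";
    char path[PATH_MAX];
    if (mkdtemp(tmpl) == NULL) return -1;
    chmod(tmpl, 0700);
    int r = create_attempt(tmpl, "asdf", uid, gid);
    snprintf(path, sizeof path, "%s/asdf", tmpl);
    unlink(path);
    rmdir(tmpl);
    return r;
}

int main(void)
{
    uid_t me = getuid();
    gid_t mg = getgid();
    printf("as owner (uid %u): %s\n", (unsigned)me,
           demo_in_tmpdir(me, mg) == 1 ? "file created" : "no file created");
    printf("as other (uid %u): %s\n", (unsigned)(me + 1),
           demo_in_tmpdir(me + 1, mg + 1) == 1 ? "file created" : "no file created");
    return 0;
}
```

Running it as yourself creates the file in the 0700 directory; running the same request on behalf of some other uid/gid masks O_CREAT and nothing is created. The caveat is the one in the comment: a client-side check like this is a convenience that stops the accidental empty file, not a security boundary, because the server still accepts whatever the mounting user (dcarpenter here) is allowed to do; that is why the chmod o-rwx workaround, which is enforced server-side, is the one that actually holds.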