[Samba] Share-based security

Nico Kadel-Garcia nkadel at gmail.com
Mon Feb 6 05:48:27 MST 2012


On Mon, Feb 6, 2012 at 12:37 AM, Chris Smith <smb_77 at chrissmith.org> wrote:
> On Sun, Feb 5, 2012 at 5:09 PM, Nico Kadel-Garcia <nkadel at gmail.com> wrote:
>> And you're correct, the man page points this out.
>>
>> I've tried to avoid this particular kind of manipulation ever since I
>> first used Samba (way, way too long ago!!!) because the difference
>> between the permissions management of of specific shares in smb.conf
>> and the underlying POSIX compatible filesystem based permissions were
>> easier to audit, safer and more robust to manage on the fileserver
>> side, rather than being overlaid or overwritten by any mismatched CIFS
>> based ownership.
>
> Just the opposite, from a long time Samba (and Windows) user as well.
> I prefer to do whatever can be done at share level security first and
> only deal with file lever security if needed.

I've been doing a lot of "share it via NFS for Linux and UNIX users,
via Samba for Windows users" work. Skew between the permissions
iis.... awkward, and having to manage only one set of permissions has
been definitely easier fo rme and my clients.


More information about the samba mailing list