[Samba] guest permission bug?
tomm at lime-technology.com
Thu Nov 15 14:17:34 MST 2012
Suppose there is a directory called /mnt/foo which is set up as a 'guest ok'
share. The owner/group is joe/users. The permissions are set to 0770.
User joe has a valid local account and can access the share correctly.
Another user with an unknown local account attempts to connect. This 'bad user'
is mapped to the local 'nobody' user, which is also in the group 'users'. In
this case, the access is denied due to no permission (this is the bug).
If we change the directory permissions on /mnt/foo to 0774, then the
operation succeeds. Alternately, if the ownership of /mnt/foo is set to
nobody/users (leaving permissions at 0770) then the operation also succeeds.
This problem only exists when attempting to traverse directories. For example,
if the file /mnt/foo/bar exists with permissions 0770, the guest user is able
to fully read/write the file as expected.
This appears to be an obscure bug in Samba where the group permissions for the
'bad user' user are not honored and instead it uses world permissions, but only
for traversing directories.
More information about the samba