[Samba] share permissions

steve steve at steve-ss.com
Tue Aug 20 10:16:50 MDT 2013

On Tue, 2013-08-20 at 10:22 -0500, Ricky Nance wrote:
> Permissions are hard to explain (possibly because I don't fully understand
> them myself I guess), but if you have a directory (say /srv) and you give
> it 0700 permissions, then only the person that owns that directory is able
> to see anything under it, however if you give it 0755, then ANYONE can see
> (the second 5 is R-X for everyone) whats in there, now you have a directory
> under that, lets call it share, (so /srv/share) and you give it permissions
> of 0777, then everyone can read/write in the share folder, but no one can
> write to the /srv folder except the owner. So when you had a share under
> /home/user (which is typically /home is 755, and the /home/user is 0700)
> then no one had access to the underlying directories (even if the
> underlying directory is 777, because the user simply can't get to that
> point)...
> If anyone disagree's or could explain this better please feel free to do
> so, I am not opposed to learning new things :)

How about:
You have to walk through /srv to be able to get to /srv/share. You can't
fly over it.

Only the owner of /srv can get into /srv and therefore anything else
inside it. It doesn't matter what permissions you set on /srv/share. The
only user who can access it will be the owner of /srv.

Anyone can now walk through /srv and therefore have a chance of
accessing /srv/share.

Anyone can do anything. If you can get there in the first place.

More information about the samba mailing list