[Samba] access to files continues after removing user from group
Reindl Harald
h.reindl at thelounge.net
Wed May 11 09:15:54 UTC 2016
Am 11.05.2016 um 03:38 schrieb Chad William Seys:
> cwseyst2 only looses access when smbd is restarted. (Or the smbd process
> acting for cwseyst2 is killed and respawned.) It seems as though the smbd
> process which is acting for cwseyst2 is running as root and can access the
> files as root instead of cwseyst2.
>
> The computer does not have nscd.
>
> Does samba not drop privileges aggressively enough?
looks so because most of the time smbd processes are running as root and
only when filetransfers are happening they switch to the connected user
(while i have no idea how it is possible at all to become root again
after priviliges where dropped)
none of these processes should run as root after the user authenticated
root 2122 0.0 0.2 436392 15224 ? SN 06:15 0:00
/usr/sbin/smbd -D
root 4897 0.0 0.0 426784 5056 ? SNs Mai03 0:03
/usr/sbin/smbd -D
root 4898 0.0 0.0 422904 1792 ? SN Mai03 0:00
/usr/sbin/smbd -D
root 4899 0.0 0.0 426848 3712 ? SN Mai03 0:01
/usr/sbin/smbd -D
netatalk has the more sane behavior here - the spawned process of the
user is *always* running as the user and never as root
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba/attachments/20160511/c0db2934/signature.sig>
More information about the samba
mailing list