[Samba] Follow symlinks vs bind-mount
Rowland penny
rpenny at samba.org
Wed Apr 22 14:58:00 UTC 2020
On 22/04/2020 15:38, Reindl Harald via samba wrote:
>
> Am 22.04.20 um 15:43 schrieb Hal Vaughan via samba:
>> A while back I got some good advice about using bind-mount on my Linux server to include directories outside my Samba shares. It had been years since I set up a server and forgot about "follow symlinks" and stumbled on that yesterday.
>>
>> Is there a reason for using one of these over the other one?
> "follow symlinks" and friends have a long history of security issues for
> all sort of services, not only samba
>
Seeing as the default for 'follow symlinks' is 'yes', the OP could have
used at anytime, but this (if the symlink is outside the share) will
entail setting 'wide links = yes', something that is not recommended.
A bind-mount is were a directory is mounted somewhere else, in effect,
it is a type of symlink, but the admin has more control.
Rowland
More information about the samba
mailing list