Mailinglist Archive: opensuse (2459 mails)
| < Previous | Next > |
Re: [opensuse] Permission problem while accessing a folder mounted with CIFS
- From: Alexander Winizki <awinizki@xxxxxx>
- Date: Mon, 17 Mar 2008 15:40:33 +0100
- Message-id: <47DE82E1.40706@xxxxxx>
Rodney Baker schrieb:
grant me read access. I see the problem with the cifs vfs module. Or does the CIFS VFS module claim
to adhere - as opposed to Windows, KDE or smbclient - to some kind of specification that requires it to
deny read access in my situation?
-r-xr-xr-x 1 root root 2147483580 31. Dez 11:45 movie.ts
is what I get when I issue the ls command on the PC from which I have mounted
the samba server. So, if ls says I can read a file then I expect that I can
really
read it. At least this issue is IMHO a bug. The most strange thing is what I
found out yesterday:
I can read files for which ls reports that I have write access, like this:
-rwxrwxrwx 1 root root 2147483580 31. Dez 11:45 movie.ts
So, most probably I will use this method as a workaround meanwhile.
so I can record TV shows on it. I copy the recorded movies to my PC in order to burn them on DVD. So,
IMHO, security is not an issue in my scenario since the network is protected by a router from outside access.
I would indeed never configure a server like this in a company.
The more important thing for me is that it works with a couple of mouse clicks in Windows or in KDE or
with smbclient - with all these I have read access to the receiver's harddisk without needing to change
anything in the configuration.
So, I would be thankful for further comments.
Greetings,
Alex.
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx
On Mon, March 17, 2008 11:48 am, John Andersen wrote:guest account = root wasn't there from the beginning. I added it because I thought it would help.
On Sun, Mar 16, 2008 at 6:27 AM, Alexander Winizki <awinizki@xxxxxx>
wrote:
Hi,It sucks that you have to allow mounting anything thru samba as root!
I hav a PC with OpenSuse 10.3. In my network there is another box named
"dreambox" which is running a Samba server.
I want to open a file on this machine with a Java program running on my
PC. I mount the shared folder by issuing the following
command as root:
mount -t cifs -o user=root -o rw //dreambox/harddisk /mnt/dreambox
Then I can list the contents of the mounted folder. The file I want to
open is listed as follows:
-r-xr-xr-x 1 root root 2147483580 31. Dez 11:45 movie.ts
Then if I try to copy it to the local disk, I get an error message:
#cp movie.ts /home
cp: movie.ts cannot be opened for reading: No permission
But according to ls everyone has a reading permission!
Its just wrong on so many levels.
Worse, your guest account = root! Yikes.
[...]
Since I can read the files from Windows or KDE or smbclient, this proves that the server is willing to
Yes, this is very bad practice. There is a problem with the way your
shares are defined.
grant me read access. I see the problem with the cifs vfs module. Or does the CIFS VFS module claim
to adhere - as opposed to Windows, KDE or smbclient - to some kind of specification that requires it to
deny read access in my situation?
The Samba server does not necessarily use the fileThe listing like:
system permissions on the server - it maps shares with a different set of
permissions that can be defined on a global or share-by-share basis.
-r-xr-xr-x 1 root root 2147483580 31. Dez 11:45 movie.ts
is what I get when I issue the ls command on the PC from which I have mounted
the samba server. So, if ls says I can read a file then I expect that I can
really
read it. At least this issue is IMHO a bug. The most strange thing is what I
found out yesterday:
I can read files for which ls reports that I have write access, like this:
-rwxrwxrwx 1 root root 2147483580 31. Dez 11:45 movie.ts
So, most probably I will use this method as a workaround meanwhile.
You definitely should not have the file (or the share) owned by root. WhatIt's just my home network. The samba server is a digital TV receiver based on Linux with a built-in HDD
level of security do you have set for Samba?
so I can record TV shows on it. I copy the recorded movies to my PC in order to burn them on DVD. So,
IMHO, security is not an issue in my scenario since the network is protected by a router from outside access.
I would indeed never configure a server like this in a company.
The more important thing for me is that it works with a couple of mouse clicks in Windows or in KDE or
with smbclient - with all these I have read access to the receiver's harddisk without needing to change
anything in the configuration.
So, I would be thankful for further comments.
Greetings,
Alex.
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx
| < Previous | Next > |