Re: [opensuse] Permission problem while accessing a folder mounted with CIFS

17 Mar 2008

      ...
On Mon, March 17, 2008 11:48 am, John Andersen wrote:
...
On Sun, Mar 16, 2008 at 6:27 AM, Alexander Winizki 
wrote:
...
Hi,
 I hav a PC with OpenSuse 10.3. In my network there is another box named
 "dreambox" which is running a Samba server.
 I want to open a file on this machine with a Java program running on my
 PC. I mount the shared folder by issuing the following
 command as root:
mount -t cifs -o user=root -o rw //dreambox/harddisk /mnt/dreambox
Then I can list the contents of the mounted folder. The file I want to
 open is listed as follows:
-r-xr-xr-x 1 root root 2147483580 31. Dez 11:45 movie.ts
Then if I try to copy it to the local disk, I get an error message:
#cp movie.ts /home
 cp: movie.ts cannot be opened for reading: No permission
But according to ls everyone has a reading permission!
It sucks that you have to allow mounting anything thru samba as root!
Its just wrong on so many levels.
Worse, your guest account = root!  Yikes.
[...]
guest account = root wasn't there from the beginning. I added it because 
I thought it would help.
Yes, this is very bad practice. There is a problem with the way your
shares are defined. 
Since I can read the files from Windows or KDE or smbclient, this proves
Rodney Baker schrieb:
that the server is willing to
grant me read access. I see the problem with the cifs vfs module. Or 
does the CIFS VFS module claim
to adhere - as opposed to Windows, KDE or smbclient - to some kind of 
specification that requires it to
deny read access in my situation?
...
The Samba server does not necessarily use the file
system permissions on the server - it maps shares with a different set of
permissions that can be defined on a global or share-by-share basis.
The listing like:

-r-xr-xr-x 1 root root 2147483580 31. Dez 11:45 movie.ts

is what I get when I issue the ls command on the PC from which I have mounted
the samba server. So, if ls says I can read a file then I expect that I can really
read it. At least this issue is IMHO a bug. The most strange thing is what I found out yesterday:
I can read files for which ls reports that I have write access, like this:

-rwxrwxrwx 1 root root 2147483580 31. Dez 11:45 movie.ts

So, most probably I will use this method as a workaround meanwhile.
...
You definitely should not have the file (or the share) owned by root. What
level of security do you have set for Samba?
It's just my home network. The samba server is a digital TV receiver 
based on Linux with a built-in HDD
so I can record TV shows on it. I copy the recorded movies to my PC in 
order to burn them on DVD. So,
IMHO, security is not an issue in my scenario since the network is 
protected by a router from outside access.
I would indeed never configure a server like this in a company.
The more important thing for me is that it works with a couple of mouse 
clicks in Windows or in KDE or
with smbclient - with all these I have read access to the receiver's 
harddisk without needing to change
anything in the configuration.

So, I would be thankful for further comments.

Greetings,
Alex.

-- 
To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse+help@opensuse.org