Mailinglist Archive: opensuse-security (232 mails)

< Previous Next >
Re: [suse-security] samba weirdness
  • From: Christian Boltz <suse-security@xxxxxxxxx>
  • Date: Wed, 12 Oct 2005 00:34:29 +0200
  • Message-id: <200510120034.29927@xxxxxxxxxxxxxxx>

Am Dienstag, 11. Oktober 2005 13:55 schrieb suse-list:
> samba-3.0.13-1.1
> [in]
> path = /storage/
> force user = samba_quota
> [...]
> #ls /storage
> -rw-r--r-- 1 root root 137 Nov 22 2004 readme.txt
> i thought that users coming to \\srv\in only can read file readme,
> but they can /DELETE/ this file !!!

Deleting a file requires write access to the _directory_ containing it.
So if user "samba_quota" has write access to the directory, he also can
delete any file in it.

However, he can't delete files in a subdirectory (or the whole
subdirectory) if he hasn't write permissions in that directory.
(But he can delete empty directories, to be complete.)

BTW: All I wrote isn't samba-specific.


Christian Boltz
Ausserdem bin ich ja zum Glück unkündbar... Sklaven werden verkauft
und nicht gekündigt! ;-) [Thilo Alfred Bätzig in suse-linux]

< Previous Next >