On 03/11/2010 09:28 AM, Matthew Daubenspeck wrote:
Hide unreadable works great, users cannot see any directories that they
do not have access to. However, they can still create folders in the
root of the share (/home/samba/share). I've even changed the perms of
that directory to 000, and still users can create directories there. Am
I missing something?
Have you patched your Samba 3.5.0 with the patch for CVE-2010-0728 yet?
See http://samba.org/samba/history/security.html for info; essentially
the problem was that Samba 3.5.0 (and 3.4.6, and 3.3.11) would ignore
permissions for various things.
I know that I had setup a Samba 3.5.0 PDC for a client of mine, and
thought that I had it setup correctly, but they were able to perform
actions that they did not have proper permission to do. When I applied
the patch for CVE-2010-0728, I had to do some reconfiguration to grant
them access to some shares and files that they then no longer had access to.
--- Mike
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
