From: "Zabel, Daniel" <[email protected]> Date: Tue, 25 Oct 2011 11:44:01 +0200
> I have a share "dev". This share should be readable by all domain users. > > Beneath this share, there is a folder "source " which should only > accessibly by developers. > > This folder has unix permissions set to 770 (recursive) , owner is user > "build" and group is "develop". > Share setup is: > > [dev] (snip) > valid users = @MYDOMAIN\domain-users > force group = @MYDOMAIN\develop (snip) > If I connect to this share by a user that is member in "domain-user" and > NOT in "develop" I can read all files - also all files beneath "source". > Why did samba ignores the unix file permissions on folder "source" ? You specify "force group" line, which means that the primary group for every user accessing to the share is changed to "develop". Thus they can access to the "source". > Trying the same on a unix console with the user gives a "Permissions > denied" like expected. Of cource "force group" parameter is applied only to connections via Samba. --- TAKAHASHI Motonobu <[email protected]> -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
