Hi, I am using Samba version 3.051 in an Active Directory setting with Windows 2000 server. Everything is working rather well with regards to file-sharing and authentication. However, the one thing that I noticed that I haven't been able to fix quickly with SWAT is the prevention of browsing the Linux file-system with users such as 'nobody' or 'bin'. For example... I have a user in Active Directory named John. John is part of the group 'students', and has restricted access through Group Policy and Samba Shares. Now John should only have three browseable Shares in this example, Home, Public, and Software. Samba and Windows drive mapping take care of this correctly. But say John is a Linux fan, notices that were are using Linux, and decides to play around abit. John now enters \\(linux machine)\nobody ( more appropriate \\%N\nobody\), and TADA.... he now can see the root file-system for the Linux machine. Now John can browse through /etc/samba, find my samba.conf file, and see all the shares I may have hidden. I know I can chmod that file but that's not what's scaring me. John shouldn't be able to see /. I know that user 'nobody' home directory is /. John shouldn't have access to nobody's home directory. HOW DO I STOP THIS? Changing the properties of 'Other' on the folders in the root filesytem won't help because it just starts to break things. So I need a quick fix before I start buying books and reading months of old threads to resolve this issue. Thanks Ladies and Gents, Guille p.s. Sorry if this question is answered already in a thread I haven't found. I just joined the Mailing list and I am currently searching.
-- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
