Find the answer to your Linux question:
Results 1 to 2 of 2
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Linux Engineer Freston's Avatar
    Join Date
    Mar 2007
    The Netherlands

    Securing Samba, Freecom network drive works when it shouldn't?

    I'm confused about my network drive.

    I've got a Freecom 400GB network drive, with build in FTP and SMB server. I'm not very experienced when it comes to Samba. And I'm not very experienced with network drives. At least I thought I knew how they work but it turns out I don't

    Well, here's the deal. I have this network drive connected to my network via a switch, to which my other machines are connected as well. The drive is setup to request DHCP from my server, and the server is configured to hand out all info and assign DNS and all.

    Now I take a random computer, login as root, et voila! I can mount the network drive and do all sorts of arbitrary stuff to it. I have not edited smb.conf, I have not setup anything, I use an invalid username and an invalid password. As long as I am root, the thing accepts everything I throw at it.

    If I run this command (literal copy/paste from Konsole) :
    # hebnix is the DNS name for the drive.
    mount -t smbfs -o username=foo,passwd=bar //hebnix/data /mnt/samba/data
    And I have read/write access to the drive.

    This should not be

    From a security perspective this is terrible. Anyone with a *nix box on my network can mount the share using a completely invalid random username and password. What I want, is that the drive respects user permissions.
    Also, as the drive is FAT32, at least I think that is the cause, I cannot change file ownership on the disk, and it doesn't respect my (tight) umask. All files are rwxr-xr-x, and all I can do as far as I can see is toggle the 'write' flag. 'read' and 'execute' seem mandatory. But this may be due to FAT32. Hmmm?

    I would be really helped if someone (you? ) is able to tell me how I can make the drive respect file ownership/permissions and also do what under NFS is called root_squash.
    Can't tell an OS by it's GUI

  2. #2
    Just Joined! vishesh's Avatar
    Join Date
    Jul 2009

    use testparm

    send output of
    root#testparm -v


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts