Securing Samba, Freecom network drive works when it shouldn't?
I'm confused about my network drive.
I've got a Freecom 400GB network drive, with build in FTP and SMB server. I'm not very experienced when it comes to Samba. And I'm not very experienced with network drives. At least I thought I knew how they work but it turns out I don't :sad:
Well, here's the deal. I have this network drive connected to my network via a switch, to which my other machines are connected as well. The drive is setup to request DHCP from my server, and the server is configured to hand out all info and assign DNS and all.
Now I take a random computer, login as root, et voila! I can mount the network drive and do all sorts of arbitrary stuff to it. I have not edited smb.conf, I have not setup anything, I use an invalid username and an invalid password. As long as I am root, the thing accepts everything I throw at it.
If I run this command (literal copy/paste from Konsole) :
And I have read/write access to the drive.
# hebnix is the DNS name for the drive.
mount -t smbfs -o username=foo,passwd=bar //hebnix/data /mnt/samba/data
This should not be :confused:
From a security perspective this is terrible. Anyone with a *nix box on my network can mount the share using a completely invalid random username and password. What I want, is that the drive respects user permissions.
Also, as the drive is FAT32, at least I think that is the cause, I cannot change file ownership on the disk, and it doesn't respect my (tight) umask. All files are rwxr-xr-x, and all I can do as far as I can see is toggle the 'write' flag. 'read' and 'execute' seem mandatory. But this may be due to FAT32. Hmmm?
I would be really helped if someone (you? ;)) is able to tell me how I can make the drive respect file ownership/permissions and also do what under NFS is called root_squash.