You are not logged in.

#1 2005-02-08 02:15:46

jskier
Member
From: Minnesota, USA
Registered: 2003-07-30
Posts: 356
Website

Samba homes security problem

I have a problem with the homes share on my Samba server. If a user accesses \~nobody they are presented with access to the root directory. I tried to fix this by making that user invalid but with no luck. The network itself is fairly secure but with a few stupid curious users inside it. Any ideas on how to fix this? I need guest on for some shares, so turning that off all together will cripple things I need to run. I'm running Samba 3.0.11-1.

[homes]
        browseable = no
        delete readonly = yes
        wide links = no
        invalid users = nobody,pcguest
        only user = yes
        revalidate = yes
        comment = Home Directories
        valid users = jjohnson
        user = jjohnson
        guest = no

--
JSkier

Offline

#2 2005-02-08 12:08:55

Michel
Member
From: Belgium
Registered: 2004-07-31
Posts: 286

Re: Samba homes security problem

I'm not so familiar with configuring network-services ... but it seems the user "nobody" has as home-directory "/" in the "/etc/passwd" file. Maybe if you remove this entry and leave it empty you won't have this problem ... ofcourse, they shouldn't have access to the files of the user nobody at teh first place. Some servers run under that user I think.

I suppose samba can limit the view of guests ... Anyway, if that isn't true, maybe they can view all the thinsg wich are world-readable?

Hopes this helps,

Michel

Offline

#3 2005-02-08 18:57:32

jskier
Member
From: Minnesota, USA
Registered: 2003-07-30
Posts: 356
Website

Re: Samba homes security problem

I just gave it an empty home directory... I don't see why setting it to invalid in the smb.conf didn't work though. I'll just play with it some more and see where it goes.


--
JSkier

Offline

Board footer

Powered by FluxBB