Default/empty privileges

  • Am I correct in seeing that if you don't set any privileges, then the default samba share will allow everyone r/w (filesystem perms notwithstanding)?


    Programmatically I can see why nothing set --> no directives created in the smb.conf, but it also seems strange that:


    no privileges on folder --> both foo and bar have r/w to folder
    foo rw on folder --> no change to foo's access, but bar no longer has any access


    It also means that when adding a new user they would automatically get access to folders that were left unset (during the time when r/w for all was appropriate),


    Is there a setting to make the default more prudent and have "nothing set --> no permissions"?


    A related issue perhaps: how can I give one group rw on a share and everyone else r? I can't see a "users" entry in the privileges table.

  • So I guess the best practise is to always assign some privilege (even if they are redundant)?


    In that vein, how can we use the "users" group in privileges? For example if we want to restrict a share to read only for everyone?

  • Okay, so a vacuous group to which we manually add new members by default, and leave the "users" system group as an internal mechanism.


    I guess this is the most prudent and correct approach to take, and also solves the "absent privileges" issue as long as you always set an appropriate on shared folders creation - perhaps enforcing this can be an idea.


    Thanks for the insight.

Jetzt mitmachen!

Sie haben noch kein Benutzerkonto auf unserer Seite? Registrieren Sie sich kostenlos und nehmen Sie an unserer Community teil!