[Bug 146367] Re: An extra 'executable' bit is seen when POSIX ACL is used by Samba

DaneM dmutters at gmail.com
Thu Dec 8 22:16:32 UTC 2011 

Sorry to revive an old bug, but I've recently run into this problem.
Using the following in smb.conf, when I create a file as a remote user,
the Owner's permissions are always set to executable on files (rwxrw-
rw-), whereas they should be rw-rw-rw-.

[DnD Public]
path = "/mnt/PERSONAL/Dane/RPGs/DnD Public"
comment = Players can put stuff in here
writeable = yes
guest ok = yes
guest only = yes
force create mode = 0666
force directory mode = 0777

I've tried it with "force user = dane" in there (since that's my local
login, which is set-up in samba's database), but keep getting the same
result.  Since this is a security problem, depending on the context, and
since there's already a patch released upstream, at the link above, I
was hoping this could get fixed in a security release sometime soon.
(The patch was posted to that page in 2006--if this is, indeed, the same
bug.)

I might end up patching and compiling Samba, myself, but I'd really
rather not dump a pile of "make install" into my filesystem tree (and
that wouldn't fix the bug in the repository, besides).

Thanks for reading.

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to samba in Ubuntu.
https://bugs.launchpad.net/bugs/146367

Title:
  An extra 'executable' bit is seen when POSIX ACL is used by Samba

Status in “samba” package in Ubuntu:
  Invalid

Bug description:
  Binary package hint: samba

  It happens on Feisty server with latest security updates.

  I'm using POSIX acl's to force some groups permissions. On server
  filesystem everything works fine. I share this folder with Samba.

  Problem occures when I mount this folder from the client as 'cifs'
  filesystem. New files created by the client are becoming automatically
  executable (they shouldn't).

  There is a patch in the Samba mailinglist:
  http://lists.samba.org/archive/samba-technical/2006-September/049397.html

  I have rebuilt ubuntu samba deb with this patch applied - PROBLEM
  SOLVED.

  This fix is important because I couldn't find any other way to use ACL
  on network filesystem in Ubuntu. NFS ACLs are disabled in default
  Feisty kernel.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/samba/+bug/146367/+subscriptions

More information about the foundations-bugs mailing list