[Pkg-samba-maint] Bug#678616: Bug#678616: default guest user "nobody"

Christian PERRIER bubulle at debian.org
Sat Jun 23 12:01:12 UTC 2012

tags 678816 wontfix

Quoting email.bug at arcor.de (email.bug at arcor.de):
> Package: samba
> The default user used by samba to create files of guest users currently
> is "nobody", however the filesystem should never contain anything 
> belonging to the nobody/nogroup. (see Bug #290623)

But the samba package doesn't create any file belonging to "nobody",
and doesn't even allow doing so, as it doesn't create any writable
public share.

> Other reasons to rethink the impersonation of nobody, are practical
> problems in accessing files created by samba guest users.
> May I suggest to introduce a proper samba-guest user and
> default to create files of guests on the local filesystem as "samba-guest"
> and the (general)  "users" group. (with the default umask 002)
> As all real users are supposed to be in the users group this should 
> give users full access to the files locally just as through samba.
> While at the same time the files are still inaccessible to potentially
> vulnerable (system user) deamon processes.

This is a deviation from a widely documented upstream behaviour and
just as for any such deviation without real solid rationale, I object
to it.

Any admin is entitled to do whatever customization suits his|her needs
and, anyway, I think that nearly all Samba servers need local
adaptation to fit local needs.

So, sorry, but I hereby tag this bug as wontfix.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-samba-maint/attachments/20120623/9a6b2979/attachment.pgp>

More information about the Pkg-samba-maint mailing list