Please remove the "accept guests" option from the GUI since it creates confusion for new users

Bug #490380 reported by Fabio Bossi
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
samba (Ubuntu)
Won't Fix
Wishlist
Unassigned

Bug Description

Binary package hint: samba

Steps to reproduce:

1) Right clicking on a folder in Nautilus and choose "sharing options"
2) Set up an SMB share with write permissions and check the "accept guests" option
3) Using a Windows PC, create a new file (or copy a file) into the new share (no password prompt appears)
4) See how the Ubuntu user cannot access the file without becoming root from command line

Chuck Short (zulcss)
affects: samba (Ubuntu) → nautilus (Ubuntu)
Revision history for this message
Sebastien Bacher (seb128) wrote :

nautilus doesn't do the sharing, nautilus-share just activates a samba feature there...

affects: nautilus (Ubuntu) → samba (Ubuntu)
Revision history for this message
Fabio Bossi (fabio-bossi-deactivatedaccount) wrote :

What do you mean? Is this the wrong package?

Maybe you mean that this is not a bug? I thought that when you create a share between two Windows PCs, you don't have to be Administrator if you want to access the files that were created inside the share by a remote user. Couldn't this frustrate newcomers?

Revision history for this message
Thierry Carrez (ttx) wrote :

I can't reproduce that.
When I access the share I'm prompted for a user/password, and the file is being created with those credentials.

Supposing you shared <SHARED_DIRECTORY> as <YOUR_SHARE_NAME>:
please post the contents of "/var/lib/samba/usershares/<YOUR_SHARE_NAME>"
and the output of "ls -ld <SHARED_DIRECTORY>"

Changed in samba (Ubuntu):
importance: Undecided → Low
status: New → Incomplete
Revision history for this message
Fabio Bossi (fabio-bossi-deactivatedaccount) wrote :

I'll try that soon, at most tomorrow.

Revision history for this message
Fabio Bossi (fabio-bossi-deactivatedaccount) wrote :

I forgot to say that I have also checked the "Accept guests" option in the nautilus dialog; I suppose that's why I'm not being asked for a password. And I remember that new files are created with owner root and group nogroup. I'm sure that an option exists in smb.conf to set the default owner for new files in the share (I had set it myself once to work around this problem, but now I can't remember it). I'd like that, if you pick "accept guests", that option would be set to the owner of the share.

Anyway, I'll try everything again as soon as I can.

description: updated
description: updated
Revision history for this message
Fabio Bossi (fabio-bossi-deactivatedaccount) wrote :

Here I am. I have created a new read/write share with the "allow guests" options and created a new file from a Windows machine.

Revision history for this message
Fabio Bossi (fabio-bossi-deactivatedaccount) wrote :
Revision history for this message
Fabio Bossi (fabio-bossi-deactivatedaccount) wrote :
Revision history for this message
Fabio Bossi (fabio-bossi-deactivatedaccount) wrote :

As you can see, owner of new files is nobody.

The smb.conf option that I was talking about is "inherit owner = yes"

Changed in samba (Ubuntu):
status: Incomplete → New
summary: - Please change the default permissions on SMB shares
+ Please set option inherit owner by default on guest-enabled SMB shares
Revision history for this message
Thierry Carrez (ttx) wrote : Re: Please set option inherit owner by default on guest-enabled SMB shares

Yes, by default in samba, files created by the guest user are created under the account specified in configuration under "guest account", by default user "nobody". Creating them under the rights of the owner of the directory is introducing security risks that are not appropriate for a default configuration, in addition to diverging from upstream defaults. The use case of a totally unauthenticated writable share where files are created under an existing account is valid, but not for a default configuration. Setting "guest account = fabio" or "inherit owner" in the configuration file seems appropriate in that case.

Changed in samba (Ubuntu):
importance: Low → Wishlist
status: New → Won't Fix
Revision history for this message
Fabio Bossi (fabio-bossi-deactivatedaccount) wrote :

OK, maybe setting that option is not the right thing to do, but I still have a strong feeling that something must be changed. New users who want to share files between their Ubuntu and Windows PC and create a guest-enabled share will be outraged when they find out that they cannot read their files. It would be best to completely remove the allow guests option from the GUI IMHO.

summary: - Please set option inherit owner by default on guest-enabled SMB shares
+ Please remove the "accept guests" option from the GUI since it creates
+ confusion for new users
description: updated
Changed in samba (Ubuntu):
status: Won't Fix → New
Revision history for this message
Fabio Bossi (fabio-bossi-deactivatedaccount) wrote :

I reopened the bug by my own initiative: please don't be angry about it :) . I won't do that again if you keep your opinion.

Revision history for this message
Thierry Carrez (ttx) wrote :

About "New users who want to share files between their Ubuntu and Windows PC and create a guest-enabled share will be outraged when they find out that they cannot read their files"

They should be able to read their files. Looking at comment 7 above:
-rwxr--r-- 1 nobody nogroup 0 2009-12-05 09:31 prova.txt

That's world-readable... you don't need to be root to read that file.

Revision history for this message
Fabio Bossi (fabio-bossi-deactivatedaccount) wrote :

You're right, sorry. However, they still can't write, even though the GUI option to allow writing was checked.

Revision history for this message
Thierry Carrez (ttx) wrote :

Well, they can write to the directory. The thing they cannot do is write to the file that was created through the share (though they can do that by accessing the share locally through SMB !).

I don't think that's confusing, it's a decent default security trade-off, and is easily toggled off.
The "accept guests" is mostly there to allow read-only shares accessible to guests, so it shouldn't be removed.

Changed in samba (Ubuntu):
status: New → Won't Fix
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.