← Back to team overview

desktop-packages team mailing list archive

  1. desktop-packages team
  2. Mailing list archive
  3. Message #07301

[Bug 180251] Re: Default SAMBA configuration allows guest access unexpectedly

  Thread PreviousDate PreviousThread Next 
We are closing this bug report because it lacks the information we need
to investigate the problem, as described in the previous comments.
Please reopen it if you can give us the missing information, and don't
hesitate to submit bug reports in the future. To reopen the bug report
you can click on the current status, under the Status column, and change
the Status back to "New". Thanks again!


** Changed in: gnome-system-tools (Ubuntu)
       Status: Incomplete => Expired

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to gnome-system-tools in Ubuntu.
https://bugs.launchpad.net/bugs/180251

Title:
  Default SAMBA configuration allows guest access unexpectedly

Status in “gnome-system-tools” package in Ubuntu:
  Expired

Bug description:
  Binary package hint: samba

  Using Gutsy (7.10), the default SAMBA configuration (in
  /etc/samba/smb.conf) allows guest (non-authenticated) logins to a
  share.  This effectively means that, by default, all shares configured
  using the limited GUI tool are world-readable.  As this behavior is
  not indicated nor expected, and the resulting ports are now open to
  all users, this is a security problem (in the sense of privacy and
  unintentional exposure of data, not having the system taken over).
  Use of smbpasswd, etc., control access using the terminal (e.g.,
  smbclient), but the Nautilus "Places -> Network" feature does not
  authenticate (see bug #119774,
  https://bugs.launchpad.net/ubuntu/+source/gnome-vfs2/+bug/119774).
  The user accounts and passwords still dictate who has write access to
  the shares via Nautilus, but not read.  Moreover, it is not apparent
  which combination of "security" and "guest" settings in smb.conf are
  necessary to lock out the guest account.  I'm not certain if this was
  an issue in prior releases.

  Steps to replicate:
  1. Configure computer A to have a SAMBA shared folder, using System -> Administration -> Shared Folders
  2. On computer B, using Places -> Network, browse to or enter the address of Computer A's share
  3. Note that, without authenticating (possibly without even setting up a SAMBA user account using smbpasswd), all files in the share are readable, but not writable.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnome-system-tools/+bug/180251/+subscriptions
  Thread PreviousDate PreviousThread Next