I have a couple of questions :
I have inherited a file server that provides Samba and NFS file shares. We use a combination on file system acls and posix permissions
. I’m looking to better secure access to the files by trimming some of the permissions etc.
1) What services could break if I change the umask from 022 to 007
thus by default only user and group have rw access to the files and directories ignoring facls ?
2) I have found that using samba and NFS to share the same file system are not so grate as when some windows file permissions are set this cause the file permissions to be more open eg permissions for other get set to rwx, when this is not wanted as over NFS this grants everyone access to the files. Is there a workaround for this ?
3) are there any best practices for configuring file system acls, that will ensure better data security , other then the obvious limiting of write and execute permissions.
Any other recommendations around using NFS and Samba together ?