Enable All Permissions For Root In Samba …
As I said in previous messages I have a local virtual machine running CentOS 7 so I do not need any security. Having that in mind I have installed Samba and this is how I setup for access the remote server:
[global]
workgroup = WORKGROUP
server string = Samba Server %v netbios name = CentOS Server security = user map to guest = bad user dns proxy = no
[root]
path = /
browsable =yes writable = yes guest ok = yes read only = no force user = root force group = root
I am able to connect as root without password but I can’t chdir into a few directories like for example /var/www. The permissions for such directory are:
# ls -la /var/www/
total 4
drwxr-xr-x. 4 root root 31 Aug 4 19:00 . drwxr-xr-x. 20 root root 4096 Aug 4 20:02 .. drwxr-xr-x. 2 root root 6 Jul 18 11:30 cgi-bin drwxrwsr-x. 2 apache root 22 Jun 30 05:05 html
Why I can’t access to /var/html? What I am doing wrong?
Thanks in advance
*Reynier Perez Mira*
Phone: (786) 5807572
EMail: reynierpm@gmail.com
[image: Facebook]
4 thoughts on - Enable All Permissions For Root In Samba …
thats a mighty big assumption.
your remote user who connects to this local VM is running windows as
‘root’ ? thats unusual.
I understand your concern because is a security flag but I can tell you that this is only a development environment because I use Windows as a host but I like to have all related to server in a VM
I am not sure what are you asking|telling me but I was never asked for a username/password to connect; it only goes ahead and connect but then I
can’t do anything like chdir or mkdir or create new files
*Reynier Perez Mira*
Phone: (786) 5807572
EMail: reynierpm@gmail.com
[image: Facebook] <https://facebook.com/ReynierPM> [image: Github]
<https://github.com/reypm> [image: Google+]
<https://plus.google.com/u/0/+ReynierP%C3%A9rezMira> [image: Twitter]
<https://twitter.com/reypm> [image: LinkedIn]
<https://www.linkedin.com/in/reynierpm>
Do you know what island hopping is?
https://en.wikipedia.org/wiki/Exploit_(computer_security)#Pivoting
Please explain to me how you are not attempting to create the easiest-to-access island of all time. That is, once an attacker gets into the VM, how have you precluded them from using that as a base of operations for attacking the rest of your LAN?
Samba isn’t allowed to access arbitrary places in the filesystem by default. You either need to mark the whole drive as accessible to Samba or disable SELinux:
https://en.wikipedia.org/wiki/Exploit_(computer_security)#Pivoting
You should probably be using something like SSHFS anyway:
https://softwarerecs.stackexchange.com/questions/13875/
Sorry, pasted the first link twice. Here’s the correct one:
https://wiki.CentOS.org/HowTos/SetUpSamba