Bug 1263162 - AD User is able to change permissions for Administrator for samba share
AD User is able to change permissions for Administrator for samba share
Status: ASSIGNED
Product: Red Hat Gluster Storage
Classification: Red Hat
Component: samba (Show other bugs)
3.1
x86_64 Windows
unspecified Severity high
: ---
: ---
Assigned To: Guenther Deschner
storage-qa-internal@redhat.com
: Reopened, ZStream
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2015-09-15 04:51 EDT by Vivek Das
Modified: 2018-04-19 06:01 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2018-04-16 14:02:16 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Vivek Das 2015-09-15 04:51:31 EDT
Description of problem:

AD user is able to change permission for administrator when accessing samba share.By logging in to a AD USER account it is allowing to change permission for administrator account.Which is not allowing any access to administrator to access directory for which USER has changed permission.

Version-Release number of selected component (if applicable):

samba-4.1.17-13.el7rhgs.x86_64

How reproducible:

Always

Steps to Reproduce:

Scenario 1:
1. Login as an USER create a directory in samba share. eg. FOLDER_1
2. Set Read only permissions to FOLDER_1 for ADIMINISTRATOR
3. Login as an ADMINISTRATOR
4. Try to create a directory or text file in USER created directory i.e FOLDER_1.
5. Access denied.

Scenario 2:
1. Login as an ADMINISTRATOR create a directory in samba share. eg. FOLDER_A
2. Set full access permission to FOLDER_A for USER.
3. Login as an USER.
4. Creare a directory FOLDER_U inside FOLDER_A.
5. Set Read only permissions to FOLDER_U for ADIMINISTRATOR
6. Login as an ADMINISTRATOR.
7. Try to create a directory or text file in USER created directory i.e FOLDER_U.
8. Access denied.

Actual results:

AD User able to change permission for Administrator.

Expected results:

AD User should not be able to change permissions for Administrator

Additional info:
Comment 4 Amar Tumballi 2018-04-19 00:17:33 EDT
Closed the samba bugs in bulk when PM_Score was less than 0. As the team was working on few of them, opening all of them.

Note You need to log in before you can comment on or make changes to this bug.