LinuxQuestions.org
Old 02-14-2003, 02:25 PM   #1
gauge73
Member
 
Registered: Jan 2003
Location: Dallas, TX
Distribution: Fedora Core 4
Posts: 420

Rep: Reputation: 30
Security-Related Question


This is going to be a multi-faceted question. I want to solve this issue, but I want to understand how the solution works, too.

The issue is with a share on my samba server. I have a file that is very vital that I don't want to lose. However, I want my wife (who is a klutz and could delete the file) to be able to view it. So, I gave her permissions to read the file, but not to write to or execute it. I sat at her computer and tried to edit the file to verify that she didn't have the rights. Well, she did. From her computer using her username I was able to edit the file and save my changes.

She did have write permissions to the share, however. I looked in my smb.conf and found that there was no security=user line in there. I think I know what the issue is and how to solve it, but I want to verify that I have a complete understanding of the situation. The following is how I understand things to work currently. Please point out any flaws in this.

smbd is a service running on my Linux box. The owner of this service is root, and therefore this service has complete access to all files unless otherwise stated. When my wife connects to my computer, she is connecting to this service, and thus when she tries to access the files, she can do so with root access. The service itself has to deny her access to files and shares because the OS will not (because it will always allow a root-owned service access unless permissions dictate otherwise). Thus, the problem is with my setup of the service (which means the problem is in smb.conf). The problem I have in the smb.conf file is that I don't have a security=user line. The default is security=share (please verify this, because it's a question I haven't answered yet). Because my wife has write access to the share, and smbd is using share-level security, she has permission to write to the entire share regardless of file permissions. If I change security to user-level, then smbd will verify that she has file permissions and therefore she will not be able to write to the vital file in question.


Thank you all for helping. I will graduate from being a newbie some day, but only with your help.
 
Old 02-14-2003, 02:40 PM   #2
ferreter
Member
 
Registered: Oct 2002
Location: USA, IL
Distribution: Debian/Gentoo/Slack
Posts: 215

Rep: Reputation: 30
First of all this should be in the security thread.

Other than that, running a daemon as another user besides root is just a good security measure in case the service gets hacked (buffer overflow, et cetera). You should definitely set the security permissions to user and not share; share can only be applied to folders and not files (at least it does in Windows; if it's different in samba let me know guys). You can feel free to post the area of smb.conf for further investigation of course.
 
Old 02-14-2003, 04:00 PM   #3
gauge73
Member
 
Registered: Jan 2003
Location: Dallas, TX
Distribution: Fedora Core 4
Posts: 420

Original Poster
Rep: Reputation: 30
So I was correct about the daemon having root permissions, and thus the daemon has to deny access, because the OS won't? I want to make sure I understand that.
 
Old 02-15-2003, 05:20 PM   #4
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600
AFAIK ferreter is right about security=user level. security=user means per-file authentication, while security=share means a user gets authenticated when entering the share and basically everything after is just fine (or not).
Maybe another solution is just to chattr +iu the file?
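
Added example, not part of any post in this thread: on Unix, whether a file can be deleted or replaced by rename is decided by the parent directory's mode, not the file's own mode, which is why the `chattr +i` suggestion above guards against deletion where a read-only mode does not. The script checks a file's immutable flag and its parent directory; the function names and temporary paths are constructed for illustration, and it assumes GNU `stat` and, optionally, `lsattr`.

```shell
#!/bin/sh
# Added example. All paths are throw-away temp files constructed for the demo.

# report_exposure FILE
# Says who besides the owner could delete or replace FILE. Deleting and
# renaming are governed by the parent directory's mode, not the file's mode.
report_exposure() {
    file=$1
    dir=$(dirname -- "$file")
    # chattr +i: no write, rename or unlink until the flag is cleared.
    # lsattr is optional here and fails quietly on filesystems without flags.
    if lsattr -d -- "$file" 2>/dev/null | cut -d' ' -f1 | grep -q i; then
        echo immutable
        return 0
    fi
    perm=$((0$(stat -c %a -- "$dir")))      # GNU stat; octal such as 775 or 1777
    if [ $((perm & 0022)) -eq 0 ]; then
        echo owner-only                      # only the directory owner can replace it
    elif [ $((perm & 01000)) -ne 0 ]; then
        echo sticky-dir                      # only file owner or directory owner can
    elif [ $((perm & 0002)) -ne 0 ]; then
        echo replaceable-by-other
    else
        echo replaceable-by-group
    fi
}

# demo_replace: a 0444 file in a writable directory is swapped by rename,
# the way many editors save. Prints the audit result, then the new content.
demo_replace() {
    d=$(mktemp -d) || return 1
    echo "vital data" > "$d/vital.txt"
    chmod 0444 "$d/vital.txt"                # read-only for everyone
    chmod 0777 "$d"                          # directory writable, like a writable share
    report_exposure "$d/vital.txt"
    echo "edited copy" > "$d/.tmp" && mv -f "$d/.tmp" "$d/vital.txt"
    cat "$d/vital.txt"
    rm -rf "$d"
}

demo_replace
```

Run `report_exposure` against the real file on the server; anything other than `owner-only` or `immutable` means an account with write access to the directory can still remove or replace it.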
 
  

