Access Based Enumeration on Linux with Samba?

gimpy530 · 05-30-2009, 11:36 AM

I recently migrated my server from Windows Server 2003 to Ubuntu 9.04 x64 Server. I am using Samba to create a cifs share, but I have one small security/privacy concern: Access Based Enumeration

This means that I would have a share (/media/data for example) which could have multiple directories under it like so:

drwxr-x--- 25 myself people 4096 2009-05-25 20:58 Public Dir
drwxr-x--- 3 myself myself 4096 2009-05-24 12:28 Private Dir

Notice that the group "people" can read "Public Dir", good. The problem is that users in that group can see that "Private Dir" exists even though they have no permissions for it. They are blocked if they try to access it, but I would like it if they did not even see that dir while browsing. I do not want to make it hidden by naming it ".Private Dir" as that doesn't do much (ls -a).

For Windows, Microsoft has software that will do this, but I can't seem to find a good way to do this on Linux. I know there has to be a way.

How can I make it so that the users in the group "people" do not even see that "Private Dir" exists?

Tinkster · 05-31-2009, 06:06 PM

Try adding

Code:

hide unreadable = yes
hide unwriteable files = yes

to the share definition.

Cheers,
Tink

gimpy530 · 06-01-2009, 07:25 PM

Worked perfectly, thanks.

Tinkster · 06-01-2009, 08:25 PM

Quote:

Originally Posted by gimpy530

Worked perfectly, thanks.

Glad to be of assistance ;)

Cheers,
Tink