I have mounted a shared folder from a W2k3 box and it is connecting successfully but when I list the contents files have -rwxrwSrwt and I don't know that that means or if I should be concerned.

It means owner can read, write, execute as can the group and others
r w x r w r w
see man chmod
You should be fine.
Dave

How did you mount it? Did you use smbfs or cifs? You can use the uid, gid, fmask and dmask options which will be fallback values if cifs isn't supported by the server. The "S" in the group position is a guid file or directory. It looks like you may have posted the values of a directory instead of a file. The "t" is for the sticky bit. A directory with the sticky bit set will not allow one user from deleting another user's files. It used to be used for files to keep the files in memory after loading. (hence the name sticky) Since computers don't use magnetic core memory anymore, the sticky bit is unused for files. For guid directories, a file created in such a directory will inherit the group owner of the directory. On some Unixes, this may be the same for suid directories, but not in Linux.

A guid executable file can be very dangerous. It runs with the permissions of the owner. Linux allows guid executable but it ignores the guid bit for scripts. Other Unixes do not.

If your Linux client still uses smbfs, then use the uid, gid, fmask & dmask to mask out dangerous permissions. On the server, you might want to change the default permissions of the share to not allow programs to be run. This will protect other windows clients as well. For a globally writable share, you should never allow programs to be runnable. This is true for windows as well. The "x" bit part of the permissions may be inherited from a bad windows configuration for the share. Consider fixing that.

---
note: it's been a while since I've booted into windows. I'm not certain that there is a "runnable" setting for the security settings on shares or directories.

I have shared the W2K3 folder with the permissions of only my www user and Administrators to read and write. Everyone else is denied. In my Linux I have used

mount -t cifs -o username=www,password=www //192.168.1.6/www /www

/www is a directory I have created for mounting purposes.
Usernames and passwords are changed but match the user credintials on the W2K3 pc.

I want the /www to be writable by my local Linux user www (confused yet?) as it will be used as an internal http site for my office and want to be able to save files from apache to there. The apache config is not a problem, I have done that before.

You didn't mention how the the linux users authenticate or the security model used. If you have a linux user whos credentials match the windows shares credentials, or belongs to a group that has write access you should be ok. The permissions you posted indicate global access which isn't what you want. There may be a /srv/www/ directory already. Since the apache web server is running on windows instead (you like paying thousands of dollars in licensing fees a year I guess) and if the Linux computer isn't running apache, that sounds like a natural place to mount the remote apache share.

Your posted example for username matches the user & group reserved for chroot'ing apache, but I read your post to mean that isn't the real name.

It is better to use a .credentials file in the users directory. Otherwise anyone can read the username and password of the credentials. See the mount.cifs manpage for the format of the credentials file and the "cred=" option.

I am still wondering whether you posted the permissions of the mounted directory instead, or a symbolic link to the mount point.

Here is what I have done:

W2K3
Created a directory named WWW
Enabled sharing on the directory WWW as www
Removed the permissions for Everyone
Added the local user WWW to have Read/Write access to WWW directory
Added the group Administrators to have Read/Write access to WWW directory


Linux
Created a directory named WWW on /
From the shell I did mount -t cifs -o username=www,password=www //192.168.1.6/www /www
After doing ls -al this is what I see for all files listed in /www (now a mapped shared directory) is -rwxrwSrwt.


What I want and don't care if it's the right way or not, because it is the way I want it, is to use the shared directory as my root for apache which is running on the linux server. I just need to make sure that apache can write to the directory and can read from the directory. This way I can edit the files from my workstation that has the same WWW mapped to a drive (Z that I can add and remove the files from with Dreamweaver and such without the need for FTP.

I thought that the Samba3 Howto & Reference Guide had information how combinations of Linux permission bits map to Windows, but all I found are these generic one to one mappings:
You may want to test whether you can modify a file on the share as a non www regular user. The permissions you listed look to me like the permissions on a symbolic link. In that case permissions of the target control access.

Will try to modify the files and see what I get. Won't have a chance for a day or two but will try to post my finding. Thanks for all your help.