Ubuntu
cifs-utils package

Directory traversal permission not respected even with noperm

Bug #1939968 reported by Joel Low
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
cifs-utils (Ubuntu)
New
Undecided
Unassigned

Bug Description

I'm trying to mount a Samba share on an Ubuntu system. Both server and client are Ubuntu machines. On the server, the directory shared (outer directory) belongs to a user different from mine, but the owner of the outer directory has granted everyone traverse permission (chmod 0711, basically) to access an inner directory, of which I have been given read access (using setfacl, rx permission).

When I am running as myself locally on the server, I can access the inner directory. I can also do so logging in as myself from a Windows machine and accessing the inner directory. However, when accessing the inner directory via an Ubuntu client, I get permission denied even with `noperm` set (but expected this to succeed, exactly like the Windows client.)

I have tried to distil this down into a reproduce script which can be run on a single machine:

# Install dependencies
sudo apt install --yes samba cifs-utils
sudo smbpasswd -a $USER # Add a password

# Set up shares
mkdir ~/samba
sudo mkdir -p ~/samba/outer/inner
sudo chmod 0711 ~/samba/outer ~/samba/outer/inner
sudo setfacl -m u:$USER:rx ~/samba/outer/inner
cat <<-SAMBA | sudo tee -a /etc/samba/smb.conf
[test]
 path = $HOME/samba
 browseable = yes
 read only = no
 guest ok = no
SAMBA
sudo systemctl restart smbd nmbd

# Mount the share
sudo mkdir /media/$USER
sudo chown $USER /media/$USER
mkdir /media/$USER/samba
sudo mount //localhost/test /media/$USER/samba -t cifs -o vers=3.1.1,user=$USER,noperm

# Test local access
ls -la ~/samba ~/samba/outer ~/samba/outer/inner # ~/samba lists fine, ~/samba/outer Permission denied, ~/samba/outer/inner lists fine.

# Test mount access
ls -la /media/$USER/samba /media/$USER/samba/outer /media/$USER/samba/outer/inner # /media/$USER/samba lists fine, others Permission denied (inner should have listed fine)

# On a Windows machine
net use T: \\<ip>\test /User:$USER *
dir T:\ # OK
dir T:\outer # File not found
dir T:\outer\inner # OK

I have run this script on a fresh Ubuntu 21.04 desktop install and observed this behaviour. However, the trigger for this investigation was observed on an Ubuntu 20.04.2 server install (both server and client).

lsb_release -rd: Ubuntu 21.04
uname -srv: Linux 5.11.0-25-generic #27-Ubuntu SMP Fri Jul 9 23:06:29 UTC 2021
cifs-utils package version: 2:6.11-1ubuntu1

See original description
Joel Low (lowjoel)
description: updated
description: updated
Revision history for this message
Joel Low (lowjoel) wrote :

(I've tried to figure out how to attach an `ubuntu-bug` report, but since this isn't exactly a bug with a specific program, I don't know what to do in that circumstance. Guidance would be much appreciated.)

Joel Low (lowjoel)
description: updated
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.