From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 20252 invoked by alias); 27 Sep 2003 15:35:13 -0000 Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm Precedence: bulk List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner@cygwin.com Mail-Followup-To: cygwin@cygwin.com Received: (qmail 20245 invoked from network); 27 Sep 2003 15:35:12 -0000 Received: from unknown (HELO smtp02.mrf.mail.rcn.net) (207.172.4.61) by sources.redhat.com with SMTP; 27 Sep 2003 15:35:12 -0000 Received: from 146-115-115-39.c3-0.lex-ubr2.sbo-lex.ma.cable.rcn.com ([146.115.115.39] helo=linuxsrv.condict.org) by smtp02.mrf.mail.rcn.net with esmtp (Exim 3.35 #4) id 1A3H6G-0005mS-00 for cygwin@cygwin.com; Sat, 27 Sep 2003 11:35:12 -0400 Received: from homepc (homepc.condict.org [192.168.1.101]) by linuxsrv.condict.org (8.12.5/8.12.5) with SMTP id h8RFekt5000608 for ; Sat, 27 Sep 2003 11:40:46 -0400 Message-ID: <006801c3850c$f1561c40$6501a8c0@homepc> From: "Michael Condict" To: Subject: smbntsec broken for drives shared as different user Date: Sat, 27 Sep 2003 16:09:00 -0000 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 X-SW-Source: 2003-09/txt/msg01736.txt.bz2 There are many reasons in Windows why you need to map a shared drive onto your system by connecting to it with an explicit username and password, different from the current logged in user. The most important reason is that you are logged into a desktop as a local (non-domain) user and want to access files shared by another system. No local user on your system has the same SID as any user on any other system, even if the user-name is the same. Both Windows and CYGWIN treat the two users as distinct. But when a local user y connects to a shared drive as user x, he should have all the rights of remote user x to access files and directories on that drive. Windows gets this right, but CYGWIN's smbntsec does not. It thinks you have the rights of user y. This shows up in strange ways. When you try to create a file and write to it, the file will be created, but the write will fail and it will be left zero-length. When you try to delete the file, "rm" will tell you it's write protected, but the delete will succeed anyway (because the remote SMB server allows it, of course). Is there any hope of fixing this behavior? Right now I have a SAMBA server on Linux sharing files to my Windows XP desktops, and I can't set them up as members of the SAMBA domain, because then I lose one of the most precious features of Windows XP, namely the ability to switch users without logging off (multiple logon sessions in parallel), not to mention several other nice features (thank you very much, MicroSoft, for making us choose between unrelated useful features!). Anyway, this means that I have to login to my Windows systems as a local user, but I want my home directory and most of my files to be on the SAMBA server, so I can access them from any Windows desktop. And I really don't want to completely unprotect the shared files on the SAMBA server. Is there perhaps a work-around for this? Or is this just a basic incompatibility between the SMB security model and the Unix model? Thanks for any advice. Michael Condict -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/