NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
RN214 File creation using Windows 10 SMB
Greetings. I have a RN214. After upgrading to the OS6.9.5 I'm seeing the group "users" being added to all files being created as the default group with permissions of rwxrwx---+. For example, the...
I created a new user (zoro) that is connected to one group called "ostech". I then create a new share and made that user and group the only access. Here is output from the getfacl for the share and file I created by using Win10 drop-n-drag.
root@WW:/data/ztest# getfacl /data/ztest/
# file: data/ztest/
# owner: ww
# group: ostech
user::rwx
user:admin:rwx
user:zoro:rwx
group::rwx
group:admin:rwx
group:ostech:rwx
mask::rwx
other::---
default:user::rwx
default:user:admin:rwx
default:user:zoro:rwx
default:group::rwx
default:group:admin:rwx
default:group:ostech:rwx
default:mask::rwx
default:other::---
root@WW:/data/ztest# getfacl zoro.txt
# file: zoro.txt
# owner: zoro
# group: users
user::rwx
user:admin:rwx
user:zoro:rwx
group::rwx
group:admin:rwx
group:users:rwx
group:ostech:rwx
mask::rwx
other::---
Even windows 10 security shows Allow users(WW\users) Full control and what's interesting is under the "inherited from" shows \\WW\ztest\
So how did "users" get added to the ACL's ??
BarkingSpider wrote:
So how did "users" get added to the ACL's ??
"users" is Netgear's built-in group, so it's possible it is baked into the ReadyNAS ACL.
Does this do harm?
Does this do Harm? Well, not sure. As I see it, if all files are being tagged with "users" as a group, then would that allow any user access to all files? So if I have a file that I own, but share with a NON "users" group, then fine, but if "users" is being put on too, then that is a problem since the permissions bits set to rwx and would give any user full control to files.
I also have a ReadyNAS 104 with the same OS (6.9.5) and this problem does not appear to happen on that device.
BarkingSpider wrote: "As I see it, if all files are being tagged with "users" as a group, then would that allow any user access to all files?"
No, only those users, which are member of "users". You could check, who is member of "users" by using /Admin page/Accounts/Groups and check the properties of "users". Anybody not in there would not have access, though.
Retired_Member wrote:
No, only those users, which are member of "users".
Correct. "Users" is a built-in group on the ReadyNAS. If you have no ReadyNAS accounts that are in the "Users" group, then that ACL shouldn't matter.
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
