Nyxtorm Posted January 18, 2023 Share Posted January 18, 2023 Hello, Today we have 3 possible choices for SMB exports privacy on Unraid: Yes / Yes (hidden) / No I have a little problem with "Yes" because it is too permissive and with "Yes (hidden)" which is too restrictive. - With "yes" : it is possible to list all available shares, even when authenticating with "guest" or "anonymous" on \\UNRAID_HOST\ - With "yes (hidden)": In this mode, very well the share is hidden for guest/anonymous. However, even if I authenticate with a "real" user, they are hidden of course. I use Solid Explorer on mobile, I would like to have a single shortcut to \\UNRAID_HOST\ to be able to list my shares to which I have at least read access. In "Yes (hidden)" mode I have to create a shortcut for each share. It quickly becomes a mess with many shares. It would be nice to have : * Yes -> The current behavior : export for all including guest/anonymous and Unraid users with or without access rights * Yes (hidden) -> The current behavior, hidden for all * Unraid authentication -> Listed only in case it's a unraid user, with a sub-option "Hide share if Unraid user doesn't have read rights on it". * No -> Current behavior I agree that this is not a very important feature, but more of a comfort feature where there is a lot of shares and privacy is best. Sorry for my English, Quote Link to comment
gluebaby Posted April 1 Share Posted April 1 Just stumbled across this, and I second this idea- or if anyone has any good solutions I'd appreciate it. I don't like that when browsing my server as a guest I can see all the folders even though I don't have access to them. I guess technically I can choose not to export them or to export them as hidden, but I want my users to see the folders which they have access to and nothing else. I'd love a feature like OP described, or some advice on how to get by in the meantime. Quote Link to comment
itimpi Posted April 2 Share Posted April 2 17 hours ago, gluebaby said: but I want my users to see the folders which they have access to and nothing else. This is not an option in Unraid. If there is a Samba combination of settings that provides this it would be nice to know as it could then be implemented. Not sure it is even possible on a Windows server although I could be wrong about that. Quote Link to comment
gluebaby Posted April 2 Share Posted April 2 6 hours ago, itimpi said: This is not an option in Unraid. If there is a Samba combination of settings that provides this it would be nice to know as it could then be implemented. Not sure it is even possible on a Windows server although I could be wrong about that. Access based enumeration? Quote Link to comment
Bastian Posted April 3 Share Posted April 3 Some quick testing with @gluebabys suggestion. I created two shares: visible: Export = Yes, Security = Private, my user has read/write access nvisible: Export = Yes, Security = Private, my user has no access Without any modification to SMB: Both shares are visible. After applying ABE like described in this article: I just added those two settings to the SMB configuration: It probably needs more testing to figure out any edge-case, drawbacks, etc., but it seems to be technically possible. Quote Link to comment
gluebaby Posted April 3 Share Posted April 3 38 minutes ago, Bastian said: Some quick testing with @gluebabys suggestion. I created two shares: visible: Export = Yes, Security = Private, my user has read/write access nvisible: Export = Yes, Security = Private, my user has no access Without any modification to SMB: Both shares are visible. After applying ABE like described in this article: I just added those two settings to the SMB configuration: It probably needs more testing to figure out any edge-case, drawbacks, etc., but it seems to be technically possible. I will give this a try when I get home, but yeah I suspected such a thing would be possible. Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.