Jump to content

Recommened secure ZFS permissions? CHMOD?


Recommended Posts

Posted

Hi everyone,

 

I have a ZFS array that I am sharing out via Settings->SMB:

 

[myFiles]
path=/mnt/myFiles
browseable = yes
public = no
guest ok = no
writeable = yes
read only = no
valid users = user1 user2

 

Due to some foolishness, when attempting to get user2 access to the myFiles share, a "chmod -R 777 /mnt/myFiles" was run.  Of course this provides wide open access including execute permissions.  This is not desirable for a  number of security reasons.

 

Can you please advise what updated CHMOD should be run to set permissions on these files to a more appropriate level for a file share?  I'm thinking to run CHMOD against the entire '/mnt/myFiles' share, as 99% of the files are simply static files that users will need R/W access to.  For the small number of files that will need execute rights, I can go an manually CHMOD those specific files.

 

So, would CHMOD 666 be the recommended value, or perhaps 660?  The 'myFiles' share does not contain any VMs, Dockers, or Docker data.  It is strictly a file repository.

 

Thanks everyone,

Cal.

 

Posted

Basically doesn't matter for a data share, executing files would require having a shell to the server, having a shell to the server can only be done as root, and root would have all permissions anyway.

  • 2 weeks later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...