The macosxhints Forums
Page 2 of 2 1 2
Show 100 post(s) from this thread on one page

The macosxhints Forums (http://hintsforums.macworld.com/index.php)
-   Networking (http://hintsforums.macworld.com/forumdisplay.php?f=14)
-   -   SMB browsing (http://hintsforums.macworld.com/showthread.php?t=5006)

fragerybou 09-08-2002 04:02 PM
Re: browsing root
 
Quote:
Originally posted by yuriwho
I enabled smb sharing on my Mac, (changed my password to get it to work) and was able to connect to my Mac from a Win XP box. I logged in as a non-admin user and it mounted the home directory for that user. I then found that I could manually traverse up the directory tree into my Users directory by manually editing the path in the XP file browser window and then enter my main (Admin User folder)....Whoa, major security breach, anyone could read most of my files. I then edited the permissions on my home directory to 700 and that prevented other user accounts from viewing the files in my home directory. I'm still tinkering with this so see how sevure it is before I leave Windows File sharing on for guest users.
In case anyone's been having trouble reproducing it, i've done it too. just add to the address line "\\<servername>\<sharename>\..\." Simply adding a \..\ will resolve to the server itself. I'm not sure if this is a bug with Apple's implementation, or XP's, but it's certainly a big back door to your computer, if you don't have the right permissions set up. So far I've been unable to get it to access the root ("/") folder of the hard drive. Thanks for bringing this up yuriwho.

(UPDATE) It seems this backdoor only works to the /Users/ folder, and only occurs when you try it through a user's home folder. I have the public share set to /Users/Shared/SharedFiles/ and was unable to backtrace at all.

baryonyx 09-08-2002 08:14 PM
Craig, I swear to God I did exactly what you outlined about a dozen times and it never worked. So then I followed your post step by step and it worked. Go figure. Thanks!

I haven't been able to take advantage of stepping up past the immediate user's directory yet, but I'm such a newbie at Windows networking I'm lucky I got it working at all.

Andy

baryonyx 09-08-2002 09:26 PM
Okay, I figured out how to access all the volumes on my G4 from Windows via Samba. You must edit the /etc/smb.conf file thusly:

(Note: I use
Code:
sudo vi /etc/smb.conf
but then vi was the first Unix editor I learned--I'm sure there are about three thousand more user-friendly ways to edit this file.)

At the bottom of the file simply type using the following syntax (use the brackets as illustrated):
Code:
[Volume_Name]
read only = no
path = /Volumes/Volume_Name
For your root volume, the path would simply be
Code:
path = /
Then you can easily access it from the Map Network Drives wizard in XP by typing

\\servername\Volume_name

I don't know if this is particularly secure, but for my closed network it's perfect.

Andy

rmcellig 09-12-2002 07:06 PM
Is it possible for my PC friends who are outside of my LAN and who live in various parts of the world , to access my drive through mapping it on their PC? I have a shared folder set up in 10.2 with the users configured for Windows access.

I have a SMC Barricade router on my LAN. What ports do I have to open in order for SMB to work?


All times are GMT -5. The time now is 09:07 PM.
Page 2 of 2 1 2
Show 100 post(s) from this thread on one page

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.
Site design © IDG Consumer & SMB; individuals retain copyright of their postings
but consent to the possible use of their material in other areas of IDG Consumer & SMB.