Used to have option that owner is to be inherited. Why was this removed?
With this removed, the owner is who ever created the file!
The problem with this is that the owner can always modify permissions in Windows.
So if I'm a project member (not admin) and should have only r+w rights to some project dir, I can create a new empty file. I will own it. I will open original document and copy paste its contents into the new file I created and save it. Because I own the new file I can mod its perms. I set group "everyone" to have access to it... and now I have leaked the project document.
This is a major BUG and has totally broken perms in FreeNAS.
Owner needs to be set for a share and sub-items need to inherit the owner upon new item creation. Anything else is ridiculous. At least you should have kept the option in the GUI.
With this removed, the owner is who ever created the file!
The problem with this is that the owner can always modify permissions in Windows.
So if I'm a project member (not admin) and should have only r+w rights to some project dir, I can create a new empty file. I will own it. I will open original document and copy paste its contents into the new file I created and save it. Because I own the new file I can mod its perms. I set group "everyone" to have access to it... and now I have leaked the project document.
This is a major BUG and has totally broken perms in FreeNAS.
Owner needs to be set for a share and sub-items need to inherit the owner upon new item creation. Anything else is ridiculous. At least you should have kept the option in the GUI.
Last edited:
