[H-GEN] FAT32 HDD access

Joel Michael joel at diggy.com.au
Tue May 30 20:31:34 EDT 2000


[ Humbug *General* list - semi-serious discussions about Humbug and ]
[ Unix-related topics.  Please observe the list's charter.          ]

----- Original Message -----
From: David Duffy <avd at audiovisualdevices.com.au>
To: <general at lists.humbug.org.au>
Sent: Wednesday, May 31, 2000 9:54 AM
Subject: Re: [H-GEN] FAT32 HDD access


<snip>
> OK, I've formatted it. (The BIOS only took it to be 8GB but that's OK)
> I've mounted it & can access it just fine on the Linux (RH 6.2) box.
> I set up a disk share in Samba to share it over the Win98SE network.
> But... unless I set it to "public access" I can't get permission to
write
> to it.
> Also, when I set the "allowed hosts" it fails password acceptance.
> I've read the man pages but am still a bit confused on how to set it
up.
> I want R/W access from the Win98SE network but no security problems
> as the same Linux box is also the Internet interface/server/mail
exchange.

In that case, I'd look into
IPfwadm/IPChains/IPNat/IPMangling/IPwhateverthehellitscallednow, and
really lock down the machine.  Decide what traffic you want to go in and
out of which interface, and disallow everything else.  At the very
least, firewall off TCP/UDP port 139 on the "Internet" side of this
machine ("man ipchains" for more info).  With your mail exchange, I
really hope you're using an MTA that disallows relaying, and have
anti-relaying turned on.

You may also need to look at the mount options for the hard drive, to
allow everyone to write to it (file mode 0777 - from memory it defaults
to 0755 - "man mount" for more).  I'm guessing that samba uses the
logged-in uid to write files, and if the dos disk was mounted 0755, then
you would not have permission to write to it.

Hope these pointers help :)
--
Joel Michael


--
* This is list (humbug) general handled by majordomo at lists.humbug.org.au .
* Postings to this list are only accepted from subscribed addresses of
* lists 'general' or 'general-post'.



More information about the General mailing list