CasaOS icon indicating copy to clipboard operation
CasaOS copied to clipboard

Published 20 hours ago verified publisher icon IceWhaleTech

SMB shares created via Proxmox/CasaOS have no security

Open m1ntyduck opened this issue 1 year ago • 5 comments

Describe the bug When using proxmox / debian 11 / lxc any network shares created, are accessible with any security 'guest access with full read and wrote permisions

To Reproduce Steps to reproduce the behavior:

  1. Install Debian LCX
  2. Install Casa OS
  3. Use file manager to created SMB
  4. SMB crated
  5. Access SMB share from other devices - no password requirement

Expected behavior Expect to have to authenticate with CasaOS - username and password

Screenshots If applicable, add screenshots to help explain your problem.

Desktop (please complete the following information):

  • OS: Proxmox 7 4-3
  • Browser Chrome
  • Version 113.0.5672.126

m1ntyduck avatar May 27 '23 18:05 m1ntyduck

Hi, same error here. It would be nice to have a "Shares" menu, to add users, set up permissions. And at least use smb2 or better... I did not find info about smb on host. What happends if I set up shares on my ubuntu server host, and not in Casa OS UI? Worth a try...

Vizion-HUN avatar Jun 03 '23 17:06 Vizion-HUN

Shares are a no-go if anyone on the network gets full read-write no matter what. Until the native share feature in the files app can be enhanced to allow setting username/passwords is there an app in the app store that can be recommended for creating and managing SMB/NFS shares?

lewgrant avatar Aug 29 '23 23:08 lewgrant

Hello! Unfortunatelly I did not find any SW to create and manage samba shares. However via the config file it is not difficult. Maybe some kind of GUI script can do the job: add/remove user, set path, set recycle, etc. My smb setting is very simple, for 1 user only. Kids using other shared HDD.

hosts allow = 192.168.0.* 127.0.0.1

vfs object = recycle recycle:repository = /mnt/nas/.recycle recycle:keeptree = yes recycle:versions = yes recycle:touch = yes recylce:exclude_dir = /tmp /TMP /temp /TEMP /public /cache /CACHE recycle:exclude = *.TMP *.tmp .temp ~$ *.log *.bak [NAS] comment = CasaOS share NAS public = Yes path = /mnt/nas browseable = Yes read only = No guest ok = No create mask = 0777 directory mask = 0777 recycle = Yes force user = root

Have a nice day! VK

Lew @.***> ezt írta (időpont: 2023. aug. 30., Sze, 1:43):

Shares are a no-go if anyone on the network gets full read-write no matter what. Until the native share feature in the files app can be enhanced to allow setting username/passwords is there an app in the app store that can be recommended for creating and managing SMB/NFS shares?

— Reply to this email directly, view it on GitHub https://github.com/IceWhaleTech/CasaOS/issues/1143#issuecomment-1698281411, or unsubscribe https://github.com/notifications/unsubscribe-auth/A5ACGBH3SLRUDFK56BMO4B3XXZ5ANANCNFSM6AAAAAAYRKF6PM . You are receiving this because you commented.Message ID: @.***>

Vizion-HUN avatar Aug 31 '23 15:08 Vizion-HUN

Yep, It would be so nice to have some kind of menu to manage the users !

Triskae avatar Nov 23 '23 13:11 Triskae

+1

Open the shares to any guest is a bad joke and a security flaw.

Until then I use crazymax/samba

plangin avatar Mar 13 '24 15:03 plangin