尽管没有权限、Windows用户仍可访问NFS共享

适用场景

问题描述

• 窗口用户能够在卷路径上写入、这是UNIX安全模式、模式位为775。

 ::> vserver security file-directory show -vserver svm -path /vol/Folder/Folder1/Folder2 Vserver: svm File Path: /vol/Folder/Folder1/Folder2 File Inode Number: 1183479 Security Style: unix Effective Style: unix DOS Attributes: 10 DOS Attributes in Text: ----D--- Expanded Dos Attributes: - UNIX User Id: 34071 UNIX Group Id: 0000 UNIX Mode Bits: 775 UNIX Mode Bits in Text: rwxrwxr-x 

• 用户正在映射到仅具有读取和执行权限的pcuser、但仍可在共享上写入。
• Sectrace显示以下错误： 

svm     1    Security Style: UNIX    Access is allowed because the
            permissions         user has UNIX owner
                         privileges, the user has UNIX
                         permissions while opening
                         existing file or directory.
                         Access is granted for: "Read
                         Control", "Write Attributes",
                         "Read Attributes", "Write EA",
                         "Read EA", "Append", "Write",
                         "Read"
            Protocol: cifs
            Volume: -
            Share: Folder1
            Path:vol/Folder/Folder1/Folder2
            Win-User: DOMAIN\
            user
            UNIX-User: pcuser
            Session-ID: 15305201858646175266