Security model in samba-2

David Collier-Brown davecb at Canada.Sun.COM
Fri Sep 4 16:49:22 GMT 1998


I wrote:
> >       A colleague and I described samba security as three-level,
> >       but not in the ``secret" -vs- "top secret" sense
> >       of levels: more like
> >               1) host level -- what machine can connect
> >               2) Service-level -- per-share limitations
> >               3) user-level -- limitations on particular users.
> >       all sitting on top of (inside of) normal Unix
> >       security.
> 
Luke Kenneth Casson Leighton wrote:
> because you can include files inline using any %sub macro, you can do
> groups, caller's name, calling name etc etc.  lots.

	Quite! You can expand the per-service
	level into any combination of restrictions
	that can be expressed in  %-macros.

--dave
-- 
David Collier-Brown,  | Cherish your enemies.  They're harder to
185 Ellerslie Ave.,   | come by than friends and more motivated.
Willowdale, Ontario   | davecb at canada.sun.com, hobbes.ss.org
N2M 1Y3. 416-223-8968 | http://java.science.yorku.ca/~davecb


More information about the samba-technical mailing list