new parameter: "secure include"

CAE Samba Admin caesmb at lab2.cc.wmich.edu
Thu Jun 10 18:55:27 GMT 1999


>In the theme of what Andy and I are working on, it *MIGHT* be cleaner to
>create an "include command" option that would offload permissions checking
>/ live parameter generation to an arbitrary script.  That way, *any*
>security policy could be implemented.

I do like that idea.  Would you propose this in addition to "secure
include"?  My thinking is, have what the permissions I have now be the
default, but if "include command" != NULL, then check those inside of
"secure include" instead.

I suppose I'd like someone to explain how "include" works a little better
to me.  Just from the source, it looks to be a "section" parameter and not
a global.  (am I correct?)

My original intention was to have two "secure includes" in my smb.conf:
one at the tail end of [globals] to override system wide stuff, and
another at the end of the file to define additional shares.  how would a
"include command" fit into this in your mind?

Thanks,
Kevin

BTW, for those reading... I am just about to go subscribe to
samba-technical as well as samba-ntdom.



More information about the samba-technical mailing list