Can I kill 'restrict anonymous'?

Jeremy Allison jra at
Sat Nov 10 18:33:02 GMT 2001

On Sun, Nov 11, 2001 at 11:00:29AM +1100, Andrew Bartlett wrote:

> It depends on what you call 'compleatly anonymous'.  If by that you just
> mean a guest logon, then yes we have that and it passed all the way down
> to the vuser.  
> This would need sorting with the authenticated pipe code as well, (hence
> my proposals to unify the way we deal with both entry points).  
> Apart from that its a trivial modificaion, and a worthwhile addition.
> As you know this code better, could you look into it?  It could be done
> either by an NT ACL or a simple guest flag check.  I'll kill off the
> session setup stuff.

Sure, I'll look at it (not right now though, I'm off to see "Grease" at the
theatre and I'm already late :-). There's a difference between "guest" and "anonymous". We
just need an extra flag so we know when a user presented no credentials
as compared with someone who did, even if they both end up as the same
UNIX "guest" uid.


More information about the samba-technical mailing list