Can I kill 'restrict anonymous'?
jra at samba.org
Sat Nov 10 18:33:02 GMT 2001
On Sun, Nov 11, 2001 at 11:00:29AM +1100, Andrew Bartlett wrote:
> It depends on what you call 'compleatly anonymous'. If by that you just
> mean a guest logon, then yes we have that and it passed all the way down
> to the vuser.
> This would need sorting with the authenticated pipe code as well, (hence
> my proposals to unify the way we deal with both entry points).
> Apart from that its a trivial modificaion, and a worthwhile addition.
> As you know this code better, could you look into it? It could be done
> either by an NT ACL or a simple guest flag check. I'll kill off the
> session setup stuff.
Sure, I'll look at it (not right now though, I'm off to see "Grease" at the
theatre and I'm already late :-). There's a difference between "guest" and "anonymous". We
just need an extra flag so we know when a user presented no credentials
as compared with someone who did, even if they both end up as the same
UNIX "guest" uid.
More information about the samba-technical