taking back the 'restrict anonymous' parameter
Tim Potter
tpot at samba.org
Thu May 30 16:37:02 GMT 2002
I'm thinking about taking back the restrict anonymous parameter and
using it to do Good Things. Previously in HEAD and currently in 2.2 it
stops people connecting to shares anonymously but I think Mr Bartlett
removed it because it was either buggy or didn't do anything useful.
I propose that this parameter act like the RestrictAnonymous registry
setting, i.e it prevents anonymous access to the SAMR pipe and anonymous
access to the NetShareEnum RPC when set to 1. When set to 2, it
disallows anonymous access to all RPC pipes.
Any objections? There's still some more testing and coding to be done.
This may be a good opportunity to implement security descriptors on
pipes.
Tim.
More information about the samba-technical
mailing list