dsa

Gerald (Jerry) Carter jerry at samba.org
Thu Aug 26 14:45:59 GMT 2004


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Volker Lendecke wrote:
| On Thu, Aug 26, 2004 at 09:24:42AM -0500, Gerald (Jerry) Carter wrote:
|
|>I should add that I think there are too many potentially
|>contradicting sets of access rules.  We should boil them
|>down to one security descriptor if possible.
|
|
| I like the current model to restrict the access to the
| minimum that is allowed, but I also see Günthers problem.

I see it as well.  I would rather see a friendly
command line tool for changing security descriptors
on shares and printers (via rpc, not via direct tdb
access) :-)

| What about making an exception for the 'admin users'?

Setting 'admin users' and 'write list = root' is really
the same  problem.  Just because you are root does not
simply write access to a share.






cheers, jerry
- ---------------------------------------------------------------------
Alleviating the pain of Windows(tm)      ------- http://www.samba.org
GnuPG Key                ----- http://www.plainjoe.org/gpg_public.asc
"If we're adding to the noise, turn off this song"--Switchfoot (2003)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFBLfenIR7qMdg1EfYRAlDFAKDYEZkqk9D4GjlZvXkLiofhgl5CkgCg4tS3
eoIVLsHs4bznpj6DdAhQDQE=
=rZFU
-----END PGP SIGNATURE-----


More information about the samba-technical mailing list