request to remove security=share
Christopher R. Hertel
crh at ubiqx.mn.org
Fri Mar 10 08:18:46 GMT 2006
Volker Lendecke wrote:
> Hi, Carsten!
>
> Removing security=share would get rid of quite a bit of ugly
> code, so this sounds very appealing. However, I think there
> are still quite a number of users of that out there.
>
> One prominent use I think is to have the completely open, no
> password whatsoever, file server. If we have good docs
> around how to achieve this easily, then this might become a
> possibility.
>
> For that kind of move, we might ask on samba at samba.org.
>
> Jerry, what do you think? Maybe deprecating that setting for
> a while with a debug level zero message at smbd startup?
>
> Volker
Share mode security is, technically, deprecated in NT LM 0.12. On the
other hand, Windows 98 negotiates NT LM 0.12 and it only offers share-mode
security unless it's doing pass-through auth. Go figure. :)
Also, Samba doesn't really do share-mode auth. It does a kludged form of
user-mode auth and makes it work like share-mode... and it works really
well. The problem is, Samba really does need a user ID to assign to the
connection. The fudge that we use makes it easy for the sysadmin to decide
which user and password to use for each share-mode share.
Chris -)-----
--
"Implementing CIFS - the Common Internet FileSystem" ISBN: 013047116X
Samba Team -- http://www.samba.org/ -)----- Christopher R. Hertel
jCIFS Team -- http://jcifs.samba.org/ -)----- ubiqx development, uninq.
ubiqx Team -- http://www.ubiqx.org/ -)----- crh at ubiqx.mn.org
OnLineBook -- http://ubiqx.org/cifs/ -)----- crh at ubiqx.org
More information about the samba-technical
mailing list