request to remove security=share

Gerald (Jerry) Carter jerry at samba.org
Fri Mar 10 12:58:28 GMT 2006


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Volker Lendecke wrote:

> Does it? I have never seen it in production. But that might
> be because I never could figure out all the heuristics we
> use for guessing the username. So I fear it a bit.
> 
> Another prominent use might be an appliance where the people
> designing it do not want to mess with user names.
> 
> Hmmm. Probably we need to stick with it.

I would prefer to see us simply store a ro and rw password
for the share in secrets.tdb and the require the admin to
specify a 'force user' value and drop the "hack this account"
approach.

But just because we can do something doesn't mean that we
should.  Either we do a proper security = share or we just
drop it.  I don't believe that any modern Windows OS
supports it.  And just because Windows 9x supports it as
a file/print server doesn't mean that we should.

Can anyone convince me of any value in 'security = share'?
And no estoteric examples about possible uses.  I want a real
practical current use that can't be met with security = user
and 'map to guest'.






cheers, jerry


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFEEXf0IR7qMdg1EfYRApyMAJ9BOr795A+1Py/wbECS4Swci4nvKwCgxtRT
6HuN118VjWMT6qZnRI6gug4=
=2AoV
-----END PGP SIGNATURE-----


More information about the samba-technical mailing list