request to remove security=share

Gerald (Jerry) Carter jerry at
Fri Mar 10 12:58:28 GMT 2006

Hash: SHA1

Volker Lendecke wrote:

> Does it? I have never seen it in production. But that might
> be because I never could figure out all the heuristics we
> use for guessing the username. So I fear it a bit.
> Another prominent use might be an appliance where the people
> designing it do not want to mess with user names.
> Hmmm. Probably we need to stick with it.

I would prefer to see us simply store a ro and rw password
for the share in secrets.tdb and the require the admin to
specify a 'force user' value and drop the "hack this account"

But just because we can do something doesn't mean that we
should.  Either we do a proper security = share or we just
drop it.  I don't believe that any modern Windows OS
supports it.  And just because Windows 9x supports it as
a file/print server doesn't mean that we should.

Can anyone convince me of any value in 'security = share'?
And no estoteric examples about possible uses.  I want a real
practical current use that can't be met with security = user
and 'map to guest'.

cheers, jerry

Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla -


More information about the samba-technical mailing list