request to remove security=share
Christopher R. Hertel
crh at ubiqx.mn.org
Fri Mar 10 18:55:52 GMT 2006
On Fri, Mar 10, 2006 at 09:23:45AM +0100, Volker Lendecke wrote:
> On Fri, Mar 10, 2006 at 02:18:46AM -0600, Christopher R. Hertel wrote:
>
> > Also, Samba doesn't really do share-mode auth. It does a kludged form of
> > user-mode auth and makes it work like share-mode... and it works really
> > well.
>
> Does it? I have never seen it in production. But that might
> be because I never could figure out all the heuristics we
> use for guessing the username. So I fear it a bit.
>
> Another prominent use might be an appliance where the people
> designing it do not want to mess with user names.
>
> Hmmm. Probably we need to stick with it.
There's a discussion of the mechanism used to do security=share given in
the smb.conf man page. Basically, we have to map the user to a valid user
ID somehow. The security=server mode simply hides some of the details.
I believe that we can do the same using security=user and a handful of
other parameters. As such, security=share is a short-hand.
Chris -)-----
--
"Implementing CIFS - the Common Internet FileSystem" ISBN: 013047116X
Samba Team -- http://www.samba.org/ -)----- Christopher R. Hertel
jCIFS Team -- http://jcifs.samba.org/ -)----- ubiqx development, uninq.
ubiqx Team -- http://www.ubiqx.org/ -)----- crh at ubiqx.mn.org
OnLineBook -- http://ubiqx.org/cifs/ -)----- crh at ubiqx.org
More information about the samba-technical
mailing list