request to remove security=share

Christopher R. Hertel crh at
Fri Mar 10 18:55:52 GMT 2006

On Fri, Mar 10, 2006 at 09:23:45AM +0100, Volker Lendecke wrote:
> On Fri, Mar 10, 2006 at 02:18:46AM -0600, Christopher R. Hertel wrote:
> > Also, Samba doesn't really do share-mode auth.  It does a kludged form of
> > user-mode auth and makes it work like share-mode... and it works really
> > well. 
> Does it? I have never seen it in production. But that might
> be because I never could figure out all the heuristics we
> use for guessing the username. So I fear it a bit.
> Another prominent use might be an appliance where the people
> designing it do not want to mess with user names.
> Hmmm. Probably we need to stick with it.

There's a discussion of the mechanism used to do security=share given in
the smb.conf man page.  Basically, we have to map the user to a valid user
ID somehow.  The security=server mode simply hides some of the details.  
I believe that we can do the same using security=user and a handful of
other parameters.  As such, security=share is a short-hand.

Chris -)-----

"Implementing CIFS - the Common Internet FileSystem" ISBN: 013047116X
Samba Team --     -)-----   Christopher R. Hertel
jCIFS Team --   -)-----   ubiqx development, uninq.
ubiqx Team --     -)-----   crh at
OnLineBook --    -)-----   crh at

More information about the samba-technical mailing list