request to remove security=share
Christopher R. Hertel
crh at ubiqx.mn.org
Sun Mar 12 17:50:19 GMT 2006
Volker Lendecke wrote:
>
> Brainstorming... What two new share parameters:
>
> "share read user" and "share write user".
>
> In security=share, any share not having either of them is
> rejected access. The user named in the parameters is then
> treated as if it came from session setup. Not sure, but this
> might also work with winbind users.
>
> Then we might remove all the guessing magic.
One thing I think you'll want to do is an implicit "force user" to force
the read-only user to "become" the read/write user once authentication is
complete. The connection would still be read-only, but you won't have to
worry about the read-only user having permission to read files owned by
the read/write user.
The system admin may also add a "force user" to the share and that should,
of course, be applied in any case once the authentication has completed.
Chris -)-----
--
"Implementing CIFS - the Common Internet FileSystem" ISBN: 013047116X
Samba Team -- http://www.samba.org/ -)----- Christopher R. Hertel
jCIFS Team -- http://jcifs.samba.org/ -)----- ubiqx development, uninq.
ubiqx Team -- http://www.ubiqx.org/ -)----- crh at ubiqx.mn.org
OnLineBook -- http://ubiqx.org/cifs/ -)----- crh at ubiqx.org
More information about the samba-technical
mailing list