request to remove security=share

Christopher R. Hertel crh at
Sun Mar 12 17:50:19 GMT 2006

Volker Lendecke wrote:
> Brainstorming... What two new share parameters:
> "share read user" and "share write user".
> In security=share, any share not having either of them is
> rejected access. The user named in the parameters is then
> treated as if it came from session setup. Not sure, but this
> might also work with winbind users.
> Then we might remove all the guessing magic.

One thing I think you'll want to do is an implicit "force user" to force
the read-only user to "become" the read/write user once authentication is
complete.  The connection would still be read-only, but you won't have to
worry about the read-only user having permission to read files owned by
the read/write user.

The system admin may also add a "force user" to the share and that should, 
of course, be applied in any case once the authentication has completed.

Chris -)-----

"Implementing CIFS - the Common Internet FileSystem" ISBN: 013047116X
Samba Team --     -)-----   Christopher R. Hertel
jCIFS Team --   -)-----   ubiqx development, uninq.
ubiqx Team --     -)-----   crh at
OnLineBook --    -)-----   crh at

More information about the samba-technical mailing list