request to remove security=share
Carsten Schaub
carsten-schaub at arcor.de
Sun Mar 12 19:58:51 GMT 2006
Am Sonntag, den 12.03.2006, 16:18 +0100 schrieb Volker Lendecke:
> On Fri, Mar 10, 2006 at 03:08:45PM -0600, Gerald (Jerry) Carter wrote:
> > It would be better to just define a ro/rw password and specify
> > the euid for accessing files/directories. At least would be
> > easy to explain. The current model works sometimes and doesn't
> > in other environments.
>
> Brainstorming... What two new share parameters:
>
> "share read user" and "share write user".
>
> In security=share, any share not having either of them is
> rejected access. The user named in the parameters is then
> treated as if it came from session setup. Not sure, but this
> might also work with winbind users.
What do you think about this:
Put RO/RW passwords into secrets.tdb, verify the access level and access
the destinatioins with the owner of the directory where the file is in.
If upper level directories prevent the access consider it as a setup
failure.
> Then we might remove all the guessing magic.
And introduce another with my approach :(
--
Carsten Schaub <carsten-schaub at arcor.de>
More information about the samba-technical
mailing list