request to remove security=share

Carsten Schaub carsten-schaub at
Sun Mar 12 19:58:51 GMT 2006

Am Sonntag, den 12.03.2006, 16:18 +0100 schrieb Volker Lendecke:
> On Fri, Mar 10, 2006 at 03:08:45PM -0600, Gerald (Jerry) Carter wrote:
> > It would be better to just define a ro/rw password and specify
> > the euid for accessing files/directories.  At least would be
> > easy to explain.  The current model works sometimes and doesn't
> > in other environments.
> Brainstorming... What two new share parameters:
> "share read user" and "share write user".
> In security=share, any share not having either of them is
> rejected access. The user named in the parameters is then
> treated as if it came from session setup. Not sure, but this
> might also work with winbind users.

What do you think about this:
Put RO/RW passwords into secrets.tdb, verify the access level and access
the destinatioins with the owner of the directory where the file is in.
If upper level directories prevent the access consider it as a setup

> Then we might remove all the guessing magic.

And introduce another with my approach :(

Carsten Schaub <carsten-schaub at>

More information about the samba-technical mailing list