request to remove security=share

Christopher R. Hertel crh at
Sun Mar 12 22:44:18 GMT 2006

Volker Lendecke wrote:
> On Sun, Mar 12, 2006 at 01:04:35PM -0600, Christopher R. Hertel wrote:
>>What I'm adding is this:  If the "share write user" fails but the "share
>>read user" succeeds, then you'd want to force actual user ID to be same as
>>the user defined in the "share write user" field.  That way, there are no
>>unexpected results caused by having two different actual user IDs
>>accessing the share.
> That's easily achieved by an additional 'force user' I
> think.

Yes, I just thought it would be less confusing for the sysadmin.
On the other hand, changing the user without letting the sysadmin know
might also be confusing.

> I don't like the idea to put passwords into secrets.tdb, as
> we have to do it per share, and we already have a perfect
> infrastructure for storing and verifying passwords in place
> for users.

Right.  That's what I was saying in a different message.  We have
mechanisms in place to store passwords per user and trying to come up
with a way to store per-share passwords would be messy.

> I did not yet code that up, so I might revert my idea later,
> but I think duplicating what we've done in passdb is just no
> good idea.

Volker:  I think that the piece you're missing here is that I agree
with you.  :)

Chris -)-----

"Implementing CIFS - the Common Internet FileSystem" ISBN: 013047116X
Samba Team --     -)-----   Christopher R. Hertel
jCIFS Team --   -)-----   ubiqx development, uninq.
ubiqx Team --     -)-----   crh at
OnLineBook --    -)-----   crh at

More information about the samba-technical mailing list