request to remove security=share
Christopher R. Hertel
crh at ubiqx.mn.org
Sun Mar 12 22:44:18 GMT 2006
Volker Lendecke wrote:
> On Sun, Mar 12, 2006 at 01:04:35PM -0600, Christopher R. Hertel wrote:
>
>>What I'm adding is this: If the "share write user" fails but the "share
>>read user" succeeds, then you'd want to force actual user ID to be same as
>>the user defined in the "share write user" field. That way, there are no
>>unexpected results caused by having two different actual user IDs
>>accessing the share.
>
>
> That's easily achieved by an additional 'force user' I
> think.
Yes, I just thought it would be less confusing for the sysadmin.
On the other hand, changing the user without letting the sysadmin know
might also be confusing.
> I don't like the idea to put passwords into secrets.tdb, as
> we have to do it per share, and we already have a perfect
> infrastructure for storing and verifying passwords in place
> for users.
Right. That's what I was saying in a different message. We have
mechanisms in place to store passwords per user and trying to come up
with a way to store per-share passwords would be messy.
> I did not yet code that up, so I might revert my idea later,
> but I think duplicating what we've done in passdb is just no
> good idea.
Volker: I think that the piece you're missing here is that I agree
with you. :)
Chris -)-----
--
"Implementing CIFS - the Common Internet FileSystem" ISBN: 013047116X
Samba Team -- http://www.samba.org/ -)----- Christopher R. Hertel
jCIFS Team -- http://jcifs.samba.org/ -)----- ubiqx development, uninq.
ubiqx Team -- http://www.ubiqx.org/ -)----- crh at ubiqx.mn.org
OnLineBook -- http://ubiqx.org/cifs/ -)----- crh at ubiqx.org
More information about the samba-technical
mailing list