kill security=share and security=server
TAKAHASHI Motonobu
monyo at monyo.com
Thu Jan 27 10:16:18 MST 2011
2011/1/27 Andrew Bartlett <abartlet at samba.org>:
>> On Wed, 2011-01-26 at 15:11 -0600, Christopher R. Hertel wrote:
>> Unfortunately, for SMB1 many people still use share-mode authentication in
>> low-level applications, such as home servers.
>
> Home servers are the easy case, as 'map to guest = bad user' will handle
> it very well.
One important advantage about "security = share" is to set both
read-only password and read-write password to each shares.
Some users still use "security = share" for this purpose.
The mapping will only confuse people, I think.
If you decide to remove "security = share", simply to remove is the best.
2011/1/27 Volker Lendecke <Volker.Lendecke at sernet.de>:
> On Wed, Jan 26, 2011 at 03:55:23PM -0800, Jeremy Allison wrote:
>> Ok, here's a patch to expunge SEC_SHARE from the world :-).
>>
>> Internally maps inside loadparm.c.
>>
>> Untested (but currently under test :-). Please comment !
>
> I vote against this. With a 4.0 release, yes, but not with a
> minor 3.x release.
To remove "security = share" is a big change, so I wish not to remove
it in 3.x release for SMB1, too.
2011/1/27 Andrew Bartlett <abartlet at samba.org>:
> I vote for killing security = share over SMB2
For SMB2, I agree with you.
P.S.
Also I am afraid of NT4-style DC support.
---
TAKAHASHI Motonobu <monyo at samba.gr.jp>
More information about the samba-technical
mailing list