[Samba] Proposal to remove security=share in Samba 4.0

Stefan (metze) Metzmacher metze at samba.org
Thu Mar 1 06:55:27 MST 2012


Hi Andrew,

> After feedback from my previous proposal, I am proposing to totally
> remove security=share from Samba 4.0.  security=share has been
> deprecated since Samba 3.6.
> 
> The attached patch shows the removal (a lot of complex code is going
> away, which I think is a very good thing).   
> 
> Naturally, full user-name/password authentication remain available in
> security=user and above.
> 
> The rationale is that for the bulk of security=share users, we just we
> need a very simple way to run a 'trust the network' Samba server, where
> users mark shares as guest ok.  This is still supported, and the
> smb.conf options are documented at
> https://wiki.samba.org/index.php/Public_Samba_Server
> 
> At the same time, I want to close the door on one of the most arcane
> areas of Samba authentication.
> 
> If you have any concerns about this, please let me know,


Please add a tombstone like we have for NT_STATUS_NOPROBLEMO to
SEC_SHARE :-)

And wait a few more days for comments...

metze

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 262 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20120301/864c8957/attachment.pgp>


More information about the samba-technical mailing list