[Samba] Wide links and insecure wide links

Stilez stilezy at gmail.com
Wed Feb 28 13:39:09 UTC 2018

I'd like to understand reasonably fully,, the difference between the two 
options "wide links" and "allow insecure wide links" in smb.conf. The docs 
make them sound very similar but as there are obvious security implications 
for anything to do with symlink scope, it's important to know what each of 
them allows/blocks and where they differ.

Interestingly, only the second of them is tagged as explicitly being a
significant security hole to leave open, so presumably there's quite a

Assuming that "follow symlinks" is at its default "yes", what is the
practical and security difference/implication between enabling these two 

(NB - if someone wants to update the docs for "wide links", it might be
worthwhile to add more there.)


More information about the samba mailing list