Comment 58 for bug 32067
Revision history for this message
| Giovanni Bajo (giovannibajo) wrote Re: [Bug 32067] Re: the security parameter must be set to share, not user, in smb.conf - Smb/Gnome sharing broken | #58 |
On Jan 31, 2008 11:21 AM, Soren Hansen <email address hidden> wrote:
> Could you please try focusing on the problem rather than trying push the
> wrong solution to said problem?
>
> We want to make the process of sharing files on your network a) cause
> the least amount of surprises, but b) without being a gaping security
> hole.
>
> There are several correct solutions (none of which involve
> security=share). One of them could be to automagically sync Samba's
> passwd database with the one on the system, so whenever someone tries to
> connect to your share, they'll be asked for a username and password and
> be able to user their usual user/pass combo rather than a completely
> different set (which is currently the case).
This is not the correct solution for this problem. If you ask a Windows user
(like you are saying that we should), he will reply that when he shares a
directory on Windows, then no usernames or passwords are required to access
the shared resource *by default*. Moreover, the user is shown a simple
screen where he can then select whether to share read-only or read-write.
Thus, if you want to clone Windows here, you should find a way to share a
directory so that there is no username required to access it *at all*. And
setting security=share achieves exactly this. It might not be the only
solution, but it works.
I think this is Ralf's point, and I totally agree with it. If you don't mind
his tone, I don't think he's wrong.
--
Giovanni Bajo