Comment 60 for bug 32067

On Thu, Jan 31, 2008 at 10:18:10PM -0000, Giovanni Bajo wrote:
> This is not the correct solution for this problem. If you ask a
> Windows user (like you are saying that we should),

That's not what I said at all. Quit putting words in my mouth.

I said that if you asked a new Ubuntu user: "So, dude, do you think we
should put security=share in your smb.conf?", he'll have no clue what
you're talking about. Hence, it's completely mistaken to say that "new
users expect that their smb.conf says security=share". No, they don't.
They expect to be able to share their files.

> he will reply that when he shares a directory on Windows, then no
> usernames or passwords are required to access the shared resource *by
> default*.

I find Windows' security model quite uninteresting.

> Moreover, the user is shown a simple screen where he can then select
> whether to share read-only or read-write.

Yes. How is that different from nautilus-share?

http://gentoo.ovibes.net/nautilus-share/mediawiki-1.4.4/index.php/NSScreenShots

> Thus, if you want to clone Windows here, you should find a way to
> share a directory so that there is no username required to access it
> *at all*.

I am *not* trying to clone Windows. At all. Why would you say that?

> And setting security=share achieves exactly this. It might not be the
> only solution, but it works.

"If you don't want to forget your password for your home banking system,
you can just write in on a Post-It and stick it on your monitor. It's
not the only solution, but it works." I'm sorry, but I'm not going to
solve a problem in a way that creates 27 other problems. You may have
the privilege of being able to ignore those 27 other problems. I'm not.
We take security *and* usability seriously.

--
Soren Hansen
Ubuntu Server Team
http://www.ubuntu.com/