On Mon, 2012-02-27 at 19:45 -0500, simo wrote: > On Tue, 2012-02-28 at 10:16 +1100, Andrew Bartlett wrote: > > On Mon, 2012-02-27 at 17:53 -0500, David Collier-Brown wrote: > > > > > Am I correct in thinking this would make all shares have the same > > > password as the guest user, or do you mean there really is no password > > > at all, or alternatively that one would specify the share, provide > > > it's password and be logged on as guest??? > > > > > > It's been a while since I had a security=share setup, but I remember > > > WfW clients thinking that they had per-share passwords... > > > > In the past, Samba tried to match the 'per share' password provided by > > the client against a list of users, falling back to guest if 'guest ok = > > yes' was set on the share. > > > > What will happen now is that the password will be ignored, and only the > > 'guest ok' will be checked, and access will be as guest. > > This in effect means dropping security = share, can't we just > effectively drop it instead of deceiving our users and making them > believe they are using it ?
I am fully in support of dropping it. Kai asked that we still have a way to 'simply' configure the system for trivial file access. These semantics (guest only) broadly matches the default file sharing access on WinXP. (Windows 7 instead wants you to use a HomeGroup, and makes just sharing a folder with no pw substantially more difficult). If the consensus of the list is to drop it outright, and simply error on parsing security=share, I will prepare a patch to do that. The recommended simple sharing option of 'map to guest = bad user' naturally remains. Thanks, Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
