Comment 56 for bug 32067

On Tue, Jan 29, 2008 at 01:13:08PM -0000, Ralf Nieuwenhuijsen wrote:
> You said: "Security will not be set to "share". It's an inherently
> insecure way to be sharing files."

I did.

> Soren, we can repeat this _over_ and _over_ again. There is nothing
> about security=share that is not exactly as the user would_ expect_ it
> to be when installing samba.

Look... If you ask anyone who just converted from Windows to Ubuntu if
he/she thinks that his/her samba server should be set to security=share,
you'll get nothing more than a blank stare. They don't know what it
means, they don't care, and they *shouldn't* care!

Could you please try focusing on the problem rather than trying push the
wrong solution to said problem?

We want to make the process of sharing files on your network a) cause
the least amount of surprises, but b) without being a gaping security
hole.

There are several correct solutions (none of which involve
security=share). One of them could be to automagically sync Samba's
passwd database with the one on the system, so whenever someone tries to
connect to your share, they'll be asked for a username and password and
be able to user their usual user/pass combo rather than a completely
different set (which is currently the case). nautilus-share provides a
simple way of sharing folders to the network. Those two things put
together, and we win. IIRC, nautilus-share even allows you to allow
guest access, so you can make it as insecure as you (apparantly) want.

> Use case:
> The user wants to share files on his home-network with his family.
> The user enables file-sharing, samba gets installed.
> File-sharing does not work, because Soren things its unsafe to share files with your family.

If you're attempting to achieve a spot in my ignore filter, you're well
on your way.

Now, if you could please calm down and find a sensible tone for this
discussion, that would be lovely.

--
Soren Hansen
Ubuntu Server Team
http://www.ubuntu.com/