Comment 63 for bug 32067
Revision history for this message
| Soren Hansen (soren) wrote Re: [Bug 32067] Re: the security parameter must be set to share, not user, in smb.conf - Smb/Gnome sharing broken | #63 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
a60fb26
(Get the code!)
On Fri, Feb 01, 2008 at 09:39:10AM -0000, Charlie Halford wrote:
> > I said that if you asked a new Ubuntu user: "So, dude, do you think we
> > should put security=share in your smb.conf?", he'll have no clue what
> > you're talking about. Hence, it's completely mistaken to say that "new
> > users expect that their smb.conf says security=share". No, they don't.
> > They expect to be able to share their files.
> At what point has anyone suggested asking an Ubuntu user what settings
> he would like to set in her SMB.conf?
Ralf claimed that users expect their smb.conf to say security=share. I
contested that based on the fact that the vast majority of users don't
care, don't know that they even have an smb.conf, and *shouldn't*.
> The setting of security=share is merely one of a few solutions in
> making windows file sharing on Ubuntu simpler.
My point exactly. There are several solutions, so why keep pushing the
wrong one?
> If enabled by default, the user would not have to alter smb.conf at
> all.
The point wasn't whether the user had to change his smb.conf. The point
was that that the particular type of user in question has no opinion on
what string of characters are in his smb.conf. He cares about sharing
files, not the technical mechanics of it.
> I do appreciate that you are trying to combine usability and security,
> but simply ignoring the fact that many users are using Ubuntu machines
> in a mixed network with Windows ones is surely not a good idea.
I'm having difficulty conveying the extent to which that sort of
statement irritates me... We are not ignoring the fact that Ubuntu
machines are used in mixed environments.
> If an Ubuntu user, at the moment, shares a folder, a windows user
> CANNOT access the folder without access to the Ubuntu users ID, or
> creating his own. Secure or not, this is not usable.
It seems to be a common misconception on this thread, that the only way
to make files available via samba to unauthenticated users is to tell
samba to use security=share. This is simply not so. If you want
nautilus-share to present the guest_ok setting in its ui, please file a
bug against nautilus-share. Quit suggesting that we turn Samba into a
gaping security hole by default.
--
Soren Hansen
Ubuntu Server Team
http://