Ubuntu
samba package

Bug #32067
Comment #46

Comment 46 for bug 32067

Revision history for this message

Ralf Nieuwenhuijsen (ralf-nieuwenhuijsen) wrote on 2008-01-26: Re: the security parameter must be set to share, not user, in smb.conf - Smb/Gnome sharing broken

#46

So, whats the status of this bug in Hardy?

Is samba sharing still completely broken for those who are not system maintainers.
And if so, can we at least remove the 'shared folders' stuff from the default install.

It's confusing because it pretends something will work, when it does not.
And honestly, having users setup accounts is ridiculus. Either use pam or enable sharing by default.
For all purposes considered the local network can be expeced to be trust worthy.

Currently, the logic is:
- the home is user is a linux guru and knows how to edit smb.conf
- the professional system maintainance guy is an idiot and should be prevented from enabling samba-share easily in the hostile environment where they deploy, because they might not know what they are doing.

The logic should be:
- the home is is not a linux guru and needs sharing to work by default, without any configuration.
- the profession system maintaince guy knows what he is doing and he/will change the defaults it that is too insecure for his environment

Other than that, waiting for some magic GUI that still asks too many questions (i.e. more than one question), is just not acceptable. Until you have something that also 'protects' the profressiosnal system deployer, focus on the home user. Enable pam-backend or set security=share by default. Anything else borderlines on ridiculus academic dreamcastles.

I doubt anyone arguing that it's insecure is using the 'secured' setup by default and has working printer sharing. So, what's good enough for you, should be good enough for us. People just want this to work and are running it insecurely _right now_. It just took them more effort to figure out how to do it and it inforces the impression they should just copy & paste stuff from forums on the command-line. How else is Ubuntu going to work without copying and pasting random stuff from forums?

Fix this bug already. Let's not wait for some gui magic. Fix it until that gui is there. People are going to to configure it insecurely _anyway_. They just want to share files on their local network with their families.

So, whats the status of this bug in Hardy?

Is samba sharing still completely broken for those who are not system maintainers.
And if so, can we at least remove the 'shared folders' stuff from the default install.

It's confusing because it pretends something will work, when it does not.
And honestly, having users setup accounts is ridiculus. Either use pam or enable sharing by default. 
For all purposes considered the local network can be expeced to be trust worthy.

Currently, the logic is:
  - the home is user is a linux guru and knows how to edit smb.conf
  - the professional system maintainance guy is an idiot and should be prevented from enabling samba-share easily in the hostile environment where they deploy, because they might not know what they are doing.

The logic should be:
  - the home is is not a linux guru and needs sharing to work by default, without any configuration.
  - the profession system maintaince guy knows what he is doing and he/will change the defaults it that is too insecure for his environment

I doubt anyone arguing that it's insecure is using the 'secured' setup by default and has working printer sharing. So, what's good enough for you, should be good enough for us. People just want this to work and are running it insecurely _right now_. It just took them more effort to figure out how to do it and it inforces the impression  they should just copy & paste stuff from forums on the command-line. How else is Ubuntu going to work without copying and pasting random stuff from forums?

Ubuntusamba package

Comment 46 for bug 32067

Ubuntu
samba package