diff options
| author | cvs2svn Import User <samba-bugs@samba.org> | 2003-04-07 15:02:52 +0000 |
|---|---|---|
| committer | cvs2svn Import User <samba-bugs@samba.org> | 2003-04-07 15:02:52 +0000 |
| commit | 951aec08e8480690acbb10ab5e7db78db2e72061 (patch) | |
| tree | 099a6b97031961b9479924879735e8a0cd6bbeb0 /docs/docbook/smbdotconf/security/forcesecuritymode.xml | |
| parent | a48d89bb9d0092d9b2368d55fdd1e2350210c012 (diff) | |
| parent | f157e663f131bc26f351475226cce38b957cd0bd (diff) | |
| download | samba-951aec08e8480690acbb10ab5e7db78db2e72061.tar.gz samba-951aec08e8480690acbb10ab5e7db78db2e72061.tar.bz2 samba-951aec08e8480690acbb10ab5e7db78db2e72061.zip | |
This commit was manufactured by cvs2svn to create branch 'SAMBA_3_0'.(This used to be commit 43f21c87e12fe88dab6ccba13c2e54161cf87093)
Diffstat (limited to 'docs/docbook/smbdotconf/security/forcesecuritymode.xml')
| -rw-r--r-- | docs/docbook/smbdotconf/security/forcesecuritymode.xml | 36 |
1 files changed, 36 insertions, 0 deletions
diff --git a/docs/docbook/smbdotconf/security/forcesecuritymode.xml b/docs/docbook/smbdotconf/security/forcesecuritymode.xml new file mode 100644 index 0000000000..4151239f53 --- /dev/null +++ b/docs/docbook/smbdotconf/security/forcesecuritymode.xml @@ -0,0 +1,36 @@ +<samba:parameter name="force security mode" + context="S" + xmlns:samba="http://samba.org/common"> +<listitem> + <para>This parameter controls what UNIX permission + bits can be modified when a Windows NT client is manipulating + the UNIX permission on a file using the native NT security dialog + box.</para> + + <para>This parameter is applied as a mask (OR'ed with) to the + changed permission bits, thus forcing any bits in this mask that + the user may have modified to be on. Essentially, one bits in this + mask may be treated as a set of bits that, when modifying security + on a file, the user has always set to be 'on'.</para> + + <para>If not set explicitly this parameter is set to 0, + and allows a user to modify all the user/group/world permissions on a file, + with no restrictions.</para> + + <para><emphasis>Note</emphasis> that users who can access + the Samba server through other means can easily bypass this restriction, + so it is primarily useful for standalone "appliance" systems. + Administrators of most normal systems will probably want to leave + this set to 0000.</para> + + <para>See also the <link linkend="FORCEDIRECTORYSECURITYMODE"><parameter moreinfo="none"> + force directory security mode</parameter></link>, + <link linkend="DIRECTORYSECURITYMASK"><parameter moreinfo="none">directory security + mask</parameter></link>, <link linkend="SECURITYMASK"><parameter moreinfo="none"> + security mask</parameter></link> parameters.</para> + + <para>Default: <command moreinfo="none">force security mode = 0</command></para> + + <para>Example: <command moreinfo="none">force security mode = 700</command></para> +</listitem> +</samba:parameter> |