diff options
author | Alexander Bokovoy <ab@samba.org> | 2003-03-27 15:27:19 +0000 |
---|---|---|
committer | Alexander Bokovoy <ab@samba.org> | 2003-03-27 15:27:19 +0000 |
commit | 5cd3d3f14ef56ff5f1d92aba0174649f3d368f66 (patch) | |
tree | 7982c107cb4ecf2b739dd0d21b591aca20e9b19a /docs/docbook/smbdotconf/security/hostsequiv.xml | |
parent | 7c6a4de6f97287e43405b66baa81aa328315de7c (diff) | |
download | samba-5cd3d3f14ef56ff5f1d92aba0174649f3d368f66.tar.gz samba-5cd3d3f14ef56ff5f1d92aba0174649f3d368f66.tar.bz2 samba-5cd3d3f14ef56ff5f1d92aba0174649f3d368f66.zip |
Add new framework for smb.conf(5). Please read README before trying to compile.
I will commit more meta-information updates during week-end.
(This used to be commit 8d684dffab6a90b3d612a1aa2b2c457a2bc2e6ac)
Diffstat (limited to 'docs/docbook/smbdotconf/security/hostsequiv.xml')
-rw-r--r-- | docs/docbook/smbdotconf/security/hostsequiv.xml | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/docs/docbook/smbdotconf/security/hostsequiv.xml b/docs/docbook/smbdotconf/security/hostsequiv.xml new file mode 100644 index 0000000000..68d6d628e8 --- /dev/null +++ b/docs/docbook/smbdotconf/security/hostsequiv.xml @@ -0,0 +1,26 @@ +<samba:parameter xmlns:samba="http://samba.org/common"> + <term><anchor id="HOSTSEQUIV"/>hosts equiv (G)</term> + <listitem><para>If this global parameter is a non-null string, + it specifies the name of a file to read for the names of hosts + and users who will be allowed access without specifying a password. + </para> + + <para>This is not be confused with <link linkend="HOSTSALLOW"> + <parameter moreinfo="none">hosts allow</parameter></link> which is about hosts + access to services and is more useful for guest services. <parameter moreinfo="none"> + hosts equiv</parameter> may be useful for NT clients which will + not supply passwords to Samba.</para> + + <para><emphasis>NOTE :</emphasis> The use of <parameter moreinfo="none">hosts equiv + </parameter> can be a major security hole. This is because you are + trusting the PC to supply the correct username. It is very easy to + get a PC to supply a false username. I recommend that the + <parameter moreinfo="none">hosts equiv</parameter> option be only used if you really + know what you are doing, or perhaps on a home network where you trust + your spouse and kids. And only if you <emphasis>really</emphasis> trust + them :-).</para> + + <para>Default: <emphasis>no host equivalences</emphasis></para> + <para>Example: <command moreinfo="none">hosts equiv = /etc/hosts.equiv</command></para> + </listitem> + </samba:parameter> |