summaryrefslogtreecommitdiff
path: root/docs/docbook/smbdotconf/security/hostsequiv.xml
diff options
context:
space:
mode:
Diffstat (limited to 'docs/docbook/smbdotconf/security/hostsequiv.xml')
-rw-r--r--docs/docbook/smbdotconf/security/hostsequiv.xml49
1 files changed, 26 insertions, 23 deletions
diff --git a/docs/docbook/smbdotconf/security/hostsequiv.xml b/docs/docbook/smbdotconf/security/hostsequiv.xml
index 084d8268ef..873053be28 100644
--- a/docs/docbook/smbdotconf/security/hostsequiv.xml
+++ b/docs/docbook/smbdotconf/security/hostsequiv.xml
@@ -1,26 +1,29 @@
-<samba:parameter xmlns:samba="http://samba.org/common">
- <term><anchor id="HOSTSEQUIV"/>hosts equiv (G)</term>
- <listitem><para>If this global parameter is a non-null string,
- it specifies the name of a file to read for the names of hosts
- and users who will be allowed access without specifying a password.
- </para>
+<samba:parameter name="hosts equiv"
+ context="G"
+ advanced="1" developer="1"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>If this global parameter is a non-null string,
+ it specifies the name of a file to read for the names of hosts
+ and users who will be allowed access without specifying a password.
+ </para>
- <para>This is not be confused with <link linkend="HOSTSALLOW">
- <parameter moreinfo="none">hosts allow</parameter></link> which is about hosts
- access to services and is more useful for guest services. <parameter moreinfo="none">
- hosts equiv</parameter> may be useful for NT clients which will
- not supply passwords to Samba.</para>
+ <para>This is not be confused with <link linkend="HOSTSALLOW">
+ <parameter moreinfo="none">hosts allow</parameter></link> which is about hosts
+ access to services and is more useful for guest services. <parameter moreinfo="none">
+ hosts equiv</parameter> may be useful for NT clients which will
+ not supply passwords to Samba.</para>
- <note><para>The use of <parameter moreinfo="none">hosts equiv
- </parameter> can be a major security hole. This is because you are
- trusting the PC to supply the correct username. It is very easy to
- get a PC to supply a false username. I recommend that the
- <parameter moreinfo="none">hosts equiv</parameter> option be only used if you really
- know what you are doing, or perhaps on a home network where you trust
- your spouse and kids. And only if you <emphasis>really</emphasis> trust
- them :-).</para></note>
+ <note><para>The use of <parameter moreinfo="none">hosts equiv
+ </parameter> can be a major security hole. This is because you are
+ trusting the PC to supply the correct username. It is very easy to
+ get a PC to supply a false username. I recommend that the
+ <parameter moreinfo="none">hosts equiv</parameter> option be only used if you really
+ know what you are doing, or perhaps on a home network where you trust
+ your spouse and kids. And only if you <emphasis>really</emphasis> trust
+ them :-).</para></note>
- <para>Default: <emphasis>no host equivalences</emphasis></para>
- <para>Example: <command moreinfo="none">hosts equiv = /etc/hosts.equiv</command></para>
- </listitem>
- </samba:parameter>
+ <para>Default: <emphasis>no host equivalences</emphasis></para>
+ <para>Example: <command moreinfo="none">hosts equiv = /etc/hosts.equiv</command></para>
+</listitem>
+</samba:parameter>