diff options
Diffstat (limited to 'docs/docbook/smbdotconf/security')
| -rw-r--r-- | docs/docbook/smbdotconf/security/hostsequiv.xml | 4 | ||||
| -rw-r--r-- | docs/docbook/smbdotconf/security/nonunixaccountrange.xml | 4 | ||||
| -rw-r--r-- | docs/docbook/smbdotconf/security/passwordserver.xml | 4 |
3 files changed, 6 insertions, 6 deletions
diff --git a/docs/docbook/smbdotconf/security/hostsequiv.xml b/docs/docbook/smbdotconf/security/hostsequiv.xml index 68d6d628e8..084d8268ef 100644 --- a/docs/docbook/smbdotconf/security/hostsequiv.xml +++ b/docs/docbook/smbdotconf/security/hostsequiv.xml @@ -11,14 +11,14 @@ hosts equiv</parameter> may be useful for NT clients which will not supply passwords to Samba.</para> - <para><emphasis>NOTE :</emphasis> The use of <parameter moreinfo="none">hosts equiv + <note><para>The use of <parameter moreinfo="none">hosts equiv </parameter> can be a major security hole. This is because you are trusting the PC to supply the correct username. It is very easy to get a PC to supply a false username. I recommend that the <parameter moreinfo="none">hosts equiv</parameter> option be only used if you really know what you are doing, or perhaps on a home network where you trust your spouse and kids. And only if you <emphasis>really</emphasis> trust - them :-).</para> + them :-).</para></note> <para>Default: <emphasis>no host equivalences</emphasis></para> <para>Example: <command moreinfo="none">hosts equiv = /etc/hosts.equiv</command></para> diff --git a/docs/docbook/smbdotconf/security/nonunixaccountrange.xml b/docs/docbook/smbdotconf/security/nonunixaccountrange.xml index a8e426649e..baa9a783b0 100644 --- a/docs/docbook/smbdotconf/security/nonunixaccountrange.xml +++ b/docs/docbook/smbdotconf/security/nonunixaccountrange.xml @@ -8,10 +8,10 @@ This range of ids should have no existing local or NIS users within it as strange conflicts can occur otherwise.</para> - <para>NOTE: These userids never appear on the system and Samba will never + <note><para>These userids never appear on the system and Samba will never 'become' these users. They are used only to ensure that the algorithmic RID mapping does not conflict with normal users. - </para> + </para></note> <para>Default: <command moreinfo="none">non unix account range = <empty string> </command></para> diff --git a/docs/docbook/smbdotconf/security/passwordserver.xml b/docs/docbook/smbdotconf/security/passwordserver.xml index df50ac8f8a..b803816d88 100644 --- a/docs/docbook/smbdotconf/security/passwordserver.xml +++ b/docs/docbook/smbdotconf/security/passwordserver.xml @@ -20,10 +20,10 @@ the "LM1.2X002" or the "NT LM 0.12" protocol, and it must be in user level security mode.</para> - <para><emphasis>NOTE:</emphasis> Using a password server + <note><para>Using a password server means your UNIX box (running Samba) is only as secure as your password server. <emphasis>DO NOT CHOOSE A PASSWORD SERVER THAT - YOU DON'T COMPLETELY TRUST</emphasis>.</para> + YOU DON'T COMPLETELY TRUST</emphasis>.</para></note> <para>Never point a Samba server at itself for password serving. This will cause a loop and could lock up your Samba |