From 972336ebecd8690ea26830e08770507f5849311b Mon Sep 17 00:00:00 2001
From: Jelmer Vernooij <jelmer@samba.org>
Date: Fri, 4 Oct 2002 18:18:45 +0000
Subject: Convert even more text docs (This used to be commit
 cde5cd455ca48fde7eeb7cea84b061ef3be58e23)

---
 docs/faq/errors.html | 80 ++++++++++++++++++++++++++++++++++++++++++++++++++--
 1 file changed, 77 insertions(+), 3 deletions(-)

(limited to 'docs/faq/errors.html')

diff --git a/docs/faq/errors.html b/docs/faq/errors.html
index 49f68e4991..b36251ec13 100644
--- a/docs/faq/errors.html
+++ b/docs/faq/errors.html
@@ -77,7 +77,7 @@ CLASS="SECT1"
 ><H1
 CLASS="SECT1"
 ><A
-NAME="AEN192"
+NAME="AEN201"
 ></A
 >4.1. Not listening for calling name</H1
 ><P
@@ -103,7 +103,7 @@ CLASS="SECT1"
 ><H1
 CLASS="SECT1"
 ><A
-NAME="AEN199"
+NAME="AEN208"
 ></A
 >4.2. System Error 1240</H1
 ><P
@@ -139,7 +139,7 @@ CLASS="SECT1"
 ><H1
 CLASS="SECT1"
 ><A
-NAME="AEN206"
+NAME="AEN215"
 ></A
 >4.3. smbclient ignores -N !</H1
 ><P
@@ -169,6 +169,80 @@ an anonymous login for SMB. Using -N would only set the password
 to null, and this is not accepted as an anonymous login for most
 SMB servers.</P
 ></DIV
+><DIV
+CLASS="SECT1"
+><H1
+CLASS="SECT1"
+><A
+NAME="AEN224"
+></A
+>4.4. The data on the CD-Drive I've shared seems to be corrupted!</H1
+><P
+>Some OSes (notably Linux) default to auto detection of file type on
+cdroms and do cr/lf translation. This is a very bad idea when use with
+Samba. It causes all sorts of stuff ups.</P
+><P
+>To overcome this problem use conv=binary when mounting the cdrom
+before exporting it with Samba.</P
+></DIV
+><DIV
+CLASS="SECT1"
+><H1
+CLASS="SECT1"
+><A
+NAME="AEN228"
+></A
+>4.5. Why can users access home directories of other users?</H1
+><P
+><SPAN
+CLASS="QUOTE"
+>"We are unable to keep individual users from mapping to any other user's
+home directory once they have supplied a valid password! They only need
+to enter their own password. I have not found *any* method that I can
+use to configure samba to enforce that only a user may map their own
+home directory."</SPAN
+></P
+><P
+><SPAN
+CLASS="QUOTE"
+>"User xyzzy can map his home directory. Once mapped user xyzzy can also map
+*anyone* elses home directory!"</SPAN
+></P
+><P
+>This is not a security flaw, it is by design. Samba allows
+users to have *exactly* the same access to the UNIX filesystem
+as they would if they were logged onto the UNIX box, except
+that it only allows such views onto the file system as are
+allowed by the defined shares.</P
+><P
+>This means that if your UNIX home directories are set up
+such that one user can happily cd into another users
+directory and do an ls, the UNIX security solution is to 
+change the UNIX file permissions on the users home directories
+such that the cd and ls would be denied.</P
+><P
+>Samba tries very hard not to second guess the UNIX administrators
+security policies, and trusts the UNIX admin to set
+the policies and permissions he or she desires.</P
+><P
+>Samba does allow the setup you require when you have set the
+"only user = yes" option on the share, is that you have not set the
+valid users list for the share.</P
+><P
+>Note that only user works in conjunction with the users= list,
+so to get the behavior you require, add the line :
+<PRE
+CLASS="PROGRAMLISTING"
+>users = %S</PRE
+>
+this is equivalent to:
+<PRE
+CLASS="PROGRAMLISTING"
+>valid users = %S</PRE
+>
+to the definition of the [homes] share, as recommended in
+the smb.conf man page.</P
+></DIV
 ></DIV
 ><DIV
 CLASS="NAVFOOTER"
-- 
cgit