> But the samba package doesn't create any file belonging to "nobody", > and doesn't even allow doing so, as it doesn't create any writable > public share.
If you have local users on the machine, it is a typical scenario that a usershare is created (More often through the filemanger features than using "net usershare" directly.) To avoid permission hassle and giving out of passwords, guest write access may be granted. (Could be in a temporary setup or in a secure environment.) What happens now is, the samba guest saves a file in the public share, and no user (but the literal "nobody") has access to the file (not even the user that created the share). However, not providing a proper default guest mapping probably breaks all default installs quite into pieces, not only usershare setups. As the nobody user and nogroup should by definition not contain any real members, I don't think the old default serves anybody. Just because the default is not well chosen everybody has to stumble over the problem, find a guest mapping and adjust the smb.conf, that is otherwise working very well for out of the box usershare creation now, thanks to your latest adaption! IMHO dropping privileges to, and becoming nobody may make sense for part of (network) deamons that don't create files, to shield real data from them, but not for a file server with the objective to write files on behalf of users. > Any admin is entitled to do whatever customization suits his|her needs > and, Of course, but it does not mean that debian should not come with a solid default configuration. I believe we have come a long way towards a robust default already, please think about tacking the last thing as well. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
