Samba: Allow insecure symlinks

I’m testing a software where I have to share a linux directory (that’s outside of a ibay) as a directory in a ibay:

example

/usr1/instal has to be shared as /var/lib/nethserver/ibay/l_disk/instal

so i have created a symlink:

cd /var/lib/nethserver/ibay/l_disk
ln -s /usr1/instal instal

I mapped the l_disk ibay as L: in my Windows client but, if I try to access to L:\instal i have the “Acces denied” error.

So, i have modified my /etc/samba/smb.conf (via template-custom):

in [global] section I added:

unix extensions = no
allow insecure wide links = yes

in [l_disk] section I added:

wide links = yes

then i restarted smbd and nmbd services

I now have the access to L.\instal but I’d like to know what kind of implications does this change at the system level and stability.
I know that there could be security issues but there may also be other problems?

Thank you

I think no other problems should arise beside the security issues.

Take a look at the relevant part of samba manual: https://www.samba.org/samba/docs/man/manpages-3/smb.conf.5.html

It seems that isn’t necessary to modify the parameter “unix extensions” if the “allow insecure wide links = yes” is specified.

I tried and it works.

Concerning the security, I understand the only if a Unix client/user create a symlink of external dir inside a share/ibay it can create a security issue, so, in my case, I should not have such a problem.

Suggestions are welcome!

I hope that @Renan_Azedo_de_Olive @bruno @enrilor @ssabbath @greavette are able to help you here