Explain better what happens when you set to 0 these bits.

(This used to be commit 3d400ec465eee9852f057a863c5394720114d603)

diff --git a/docs/smbdotconf/security/directorysecuritymask.xml b/docs/smbdotconf/security/directorysecuritymask.xml
index 352e892f1ca27f2109acfe38cb18872e353120da..5ed85ae3f860018e03a242d331400c71887d9f23 100644 (file)
--- a/docs/smbdotconf/security/directorysecuritymask.xml
+++ b/docs/smbdotconf/security/directorysecuritymask.xml
@@ -3,18 +3,23 @@
                                 type="string"
                  xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
 <description>
-    <para>This parameter controls what UNIX permission bits 
-    can be set when a Windows NT client is manipulating the UNIX 
-    permission on a directory using the native NT security dialog 
+    <para>This parameter controls what UNIX permission bits
+    will be set when a Windows NT client is manipulating the UNIX
+    permission on a directory using the native NT security dialog
     box.</para>
 
     <para>
-       This parameter is applied as a mask (AND'ed with) to the incoming permission bits, thus preventing any bits not
-       in this mask from being set.  Make sure not to mix up this parameter with <smbconfoption name="force
+       This parameter is applied as a mask (AND'ed with) to the incoming permission bits, thus resetting
+        any bits not in this mask.  Make sure not to mix up this parameter with <smbconfoption name="force
        directory security mode"/>, which works similar like this one but uses logical OR instead of AND.
        Essentially, zero bits in this mask are a set of bits that will always be set to zero.
        </para>
 
+    <para>
+       Essentially, all bits set to zero in this mask will result in setting to zero the corresponding bits on the
+       file permissions regardless of the previous status of this bits on the file.
+    </para>
+
     <para>If not set explicitly this parameter is set to 0777
     meaning a user is allowed to set all the user/group/world
     permissions on a directory.</para>

diff --git a/docs/smbdotconf/security/securitymask.xml b/docs/smbdotconf/security/securitymask.xml
index 1cf6e09a46dd1e3d310213c06429f5bf9dedbb15..23bc2808db410d0a94e9758b7abb2b593e78e840 100644 (file)
--- a/docs/smbdotconf/security/securitymask.xml
+++ b/docs/smbdotconf/security/securitymask.xml
@@ -4,19 +4,20 @@
                  xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
 <description>
     <para>
-       This parameter controls what UNIX permission bits can be set when a Windows NT client is manipulating the
+       This parameter controls what UNIX permission bits will be set when a Windows NT client is manipulating the
        UNIX permission on a file using the native NT security dialog box.
        </para>
 
     <para>
-       This parameter is applied as a mask (AND'ed with) to the incoming permission bits, thus preventing any bits not
-       in this mask from being set.  Make sure not to mix up this parameter with <smbconfoption name="force
+       This parameter is applied as a mask (AND'ed with) to the incoming permission bits, thus resetting
+       any bits not in this mask. Make sure not to mix up this parameter with <smbconfoption name="force
        security mode"/>, which works in a manner similar to this one but uses a logical OR instead of an AND. 
        </para>
 
-       <para>
-       Essentially, zero bits in this mask are a set of bits that will always be set to zero.
-       </para>
+    <para>
+       Essentially, all bits set to zero in this mask will result in setting to zero the corresponding bits on the
+       file permissions regardless of the previous status of this bits on the file.
+    </para>
 
     <para>
        If not set explicitly this parameter is 0777, allowing a user to set all the user/group/world permissions on a file.