There are several things you need to be aware of in the smb.conf file that are critical to system security:
The smb.conf file needs to be in a secure place where no user other than root can modify it. smb.conf can accept parameters such as config file and include and malicious users could easily cause Samba to read external files to add configuration directives to.
You need to watch the contents of the file. One way is to run a program like TripWire (which we will configure in a future class), but the old fashioned method is to periodically peruse the file and watch for abberations. This is one of the reasons that directives such as include can be so devious, because they can often be overlooked (the real brunt of the security concerns will be located in a completely differnet file).
These first ones may allow an external Windows user to modify shares, printers, and even users on the underlying UNIX system. The add machine script file is especially dangerous as it allows your SMB network to effectively be open to any and all new connections. Imagine if you are protected by a firewall but all an internal wireless network behind the firewall. Someone war-driving could easily discover your network and add their machine to your SMB network if this directive was not in check.
All of the above parameter names refer to external programs or scripts called by the Samba server on behalf of the user. Most are executed as the root user and if you as the system administrator are not careful, they could conatain something malicious. Imagine the damage a Trojaned password program could cause.
Other directives that may cause problems that you will not even need in most installations are
follow symlinks
wide links
These directives can limit Samba to look only at the local file system and not to follow symbolic links. Normally, you would not use these because they extract a performance hit, but they will prevent symlink attacks that could be done by a user linking /etc/passwd into their home directorues and then copying it off of the machine.
If you allow users to have shell access to the machine along with Samba access, you may wish to set these directives to false:
admin users
hosts equiv
smbpasswd
use rhosts
username map
These directives can be used to play tricks with user permissions. The admin users directive allows a user or group to assume root priviledges in the context of a share. Hosts equiv and use rhosts allows a computer to bypass password checking. smbpasswd and username map, if not watched, could point to a manufactured file, where all of the passwords were blank or where the user account associations were disturbed.