source: vendor/current/docs-xml/smbdotconf/misc/allowinsecurewidelinks.xml

<samba:parameter name="allow insecure wide links"
                 context="G"
                 type="boolean"
                 xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
        <para>
        In normal operation the option <smbconfoption name="wide links"/>
        which allows the server to follow symlinks outside of a share path
        is automatically disabled when <smbconfoption name="unix extensions"/>
        are enabled on a Samba server. This is done for security purposes
        to prevent UNIX clients creating symlinks to areas of the server
        file system that the administrator does not wish to export.
        </para>
        <para>
        Setting <smbconfoption name="allow insecure wide links"/> to
        true disables the link between these two parameters, removing
        this protection and allowing a site to configure
        the server to follow symlinks (by setting <smbconfoption name="wide links"/>
        to "true") even when <smbconfoption name="unix extensions"/>
        is turned on.
        </para>
        <para>
        If is not recommended to enable this option unless you
        fully understand the implications of allowing the server to
        follow symbolic links created by UNIX clients. For most
        normal Samba configurations this would be considered a security
        hole and setting this parameter is not recommended.
        </para>
        <para>
        This option was added at the request of sites who had
        deliberately set Samba up in this way and needed to continue
        supporting this functionality without having to patch the
        Samba code.
        </para>
</description>
<value type="default">no</value>
</samba:parameter>