--- docs-xml/manpages-3/smb.conf.5.xml.orig	2009-01-26 13:56:34.000000000 +0000
+++ docs-xml/manpages-3/smb.conf.5.xml	2009-02-19 15:33:26.000000000 +0000
@@ -159,8 +159,7 @@
 		<para>
 		When the connection request is made, the existing sections are scanned. If a match is found, it is
 		used. If no match is found, the requested section name is treated as a username and looked up in the local
-		password file. If the name exists and the correct password has been given, a share is created by cloning the
-		[homes] section.
+		password file. If the name exists a share is created by cloning the [homes] section.
 		</para>
 		
 		<para>
@@ -198,6 +197,16 @@
 		</para>
 		
 		<para>
+		The mechanism of the [homes] section does not tie the connecting user to their own home directory. When enabled,
+		all usernames listed in the local password file will be made available as shares that point to the corresponding
+		home directories. Access to the share will then be subject to the underlying permissions of the host operating
+		system. As an example, if the user <quote>bin</quote> in the local password file is listed with a home directory
+		of <quote>/usr/bin</quote>, a user who can successfully authenticate with the server may connect to the
+		<quote>bin</quote> share and browse the contents of the <quote>/usr/bin</quote> directory on the server. If you
+		find this behaviour undesirable you can set <emphasis>valid users = %S</emphasis> in the [homes] section.
+		</para>
+		
+		<para>
 		The [homes] section can specify all the parameters a normal service section can specify, though some make more sense 
 		than others. The following is a typical and suitable [homes] section:
 <programlisting>