It's possible o bypass share attributes limitations.
vulners.com/securityvulns/securityvulns:doc:29271