Samba no longer has a "security = shared" setting, including on the version used by FreeBSD 11. From https://www.freebsd.org/doc/handbook/network-samba.html: "The most common settings are security = share and security = user... In share level security, clients do not need to log onto the server with a valid username and password before attempting to connect to a shared resource. This was the default security model for older versions of Samba." Ideally this would be replaced by some instructions for creating a public share without "security = share", maybe with "map to guest = Bad User" (I'm not clear on the details so did not attempt a patch myself).
Is this still applicable? Current User Handbook language leads me to think it was fixed (but the "map to guest" one may still need to be added): 30.10.1.2. Security Settings The most important settings in /usr/local/etc/smb4.conf are the security model and the backend password format. These directives control the options: security The most common settings are security = share and security = user. If the clients use usernames that are the same as their usernames on the FreeBSD machine, user level security should be used. This is the default security policy and it requires clients to first log on before they can access shared resources. In share level security, clients do not need to log onto the server with a valid username and password before attempting to connect to a shared resource. This was the default security model for older versions of Samba.