Derek Atkins <[email protected]> writes: > I don't think it would be possible to have a transitive acl across a > mountpoint boundary, because a volume can be mounted in multiple > locations.
Agreed; I should have mentioned that. I keep a set of notes on what I would do differently if AFS were completely rebuilt from scratch without any backward-compatibility concerns. If each volume had some sort of secret access key (retrieved by the CM via its mountpoint in some other volume) it would be possible to control who is allowed to create a mountpoint pointing *to* a particular volume. But the means to do so goes way outside the existing AFS infrastructure. - a _______________________________________________ AFS3-standardization mailing list [email protected] http://michigan-openafs-lists.central.org/mailman/listinfo/afs3-standardization
