At Vanderbilt we are starting the transition to serve web files from AFS
rather than the web server's local disk. A couple of questions have come up,
such as using symbolic links to AFS vs. defining script aliases in the web
server configuration file, and how to provide secure http access to files
that apparently need system:anyuser rl permissions in AFS (thereby allowing
an AFS user to circumvent the web security just by cd'ing to the file).
Do anyone have policies, procedures, or suggestions that would help us
make this transition? Your advice is most appreciated.
--Andrew Mickish
http://www.mc.vanderbilt.edu/~mickish/
