Jim Barlow <[EMAIL PROTECTED]> writes:

> Another concern that I had is that there is no way to prevent access to
> our cell from a remote web server.  We tried tried setting a negative
> ACL for Transarc's web server in our root.cell volume, but the
> system:anyuser makes this useless (I'll probably post another message
> soon why I think this is a bug in the negative ACL's).

Yeah, we experimented with negative ACLs somewhat at one point and
concluded that they generally didn't do quite what one would expect and
weren't overly useful except in very specific circumstances.

-- 
Russ Allbery ([EMAIL PROTECTED])         <URL:http://www.eyrie.org/~eagle/>

Reply via email to