On Sep 13, 5:21pm, Pat Wilson wrote:
> Subject: Re: Black Book of AFS article and other concerns
>
> Well, yes and no. Yes, the toplevel is visible, but the cell
> admin can (and probably *should* - this same thing works with
> ftp; http isn't special) construct the permissions on it such that
> system:authuser (or some IP-based ACL) is required to go any
> further.
We do have system:authuser and IP based ACL's for our site, hoever,
restricting it at the root.cell volume is not an option here. We have
too many remote cells that need access to users directories, projects, etc.
for collabrative work with other sites. So there are still a heck of a lot
of volumes (too many for some sites) to try to keep track of bad ACL's.
> And, if you protect the toplevel, you're safe from the
> drill-down problem.
Well, true, and not true. Actually every volumes top level directory
ACL has to be protected. For instance I can get a list of all volumes
in the transarc.com cell (or northstar.dartmouth.edu, etc.), mount each volume,
then see if I can access that mount point and see how far I can go. So the
drill-down problem is true for users who are traversing down web directories
or ftp sites. But users with access to AFS client machines can mount any
volume from virtually any cell.
--
James J. Barlow <[EMAIL PROTECTED]>
Senior System Engineer
National Center for Supercomputing Applications
605 East Springfield Avenue Voice : (217)244-6403
Champaign, IL 61820 Cell : (217)840-0601
http://www.ncsa.uiuc.edu/People/jbarlow Fax : (217)244-1987
