The exposures that one has by being root on a client are: o One can obtain/compromise tokens of all other users currently logged into that client. o One can see what other users had been viewing/editing by looking at the remains of the local AFS cache. o One can, through some wizardry, create setuid root files on fileservers if they are able to write to someplace in the cell and then use those files to gain root access to other systems that trust that AFS cell. (I supplied patches over a year ago amongst the hundreds of patches I submitted to Transarc.) It does not give you the ability to modify other people's files or circumvent the normal ACLs in AFS; it only gives you the ability to take over the local client and hijack the connections to the AFS servers. -Richard
