> I have looked and looked through the manuals and while I find lots of
> guidelines on how to secure the AFS server files, I can find nothing on how the
> ownership and mode bits of the client files should be set.
>
> Can somebody either tell me where I missed it in the manuals or provide their
> own recommendations.
Most things should be protected as you'd expect - things in /usr/vice/etc
should not be modifyable by normal users, but they do need to be able to
read some of them, and there's not reason to read-protect the rest. The
same goes for the various utilities, which Transarc for some inexplicable
reason reccommends putting in /usr/afsws (I know of no one who actually
_does_ that).
The major thing to note is that /usr/vice/cache should have mode 0700, so
that users can't see what's in there. The cache manager should take care
of the permissions on the individual cache files by itself.
-- Jeffrey T. Hutzelman (N3NHS) <[EMAIL PROTECTED]>
