On Sat, 2014-10-25 at 20:30 -0400, Nathaniel W Filardo wrote: > On Sat, Oct 25, 2014 at 07:07:10PM -0400, Jeffrey Altman wrote: > > There are no descriptors or handles in AFS protocol to maintain server > > side state for an "open" or "create". The server grants the permissions > > based upon Insert and the cache managers take them away as required by the > > local OS behavior. > > Well, cache managers can only be trusted to take away permissions if they're > trusted; since they're running on arbitrary machines and contacting our > servers, that's surely not the case. So I think I stand by my statement,
You misunderstand, perhaps; the taking away often happens in the VFS layer of the OS, and the cache manager has no say in it. I believe this is what you're seeing on Debian. -- brandon s allbery kf8nh sine nomine associates allber...@gmail.com ballb...@sinenomine.net unix openafs kerberos infrastructure xmonad http://sinenomine.net
