>Most of our users will place files in their home directory, even in the top >level, expecting them to be secure. Additionally, I fully expect that most >users will leave permissions with the default settings. In this case, when a >user creates a directory it inherits the ACL privileges of its parent >directory. There is an expectation in our environment that content is secure >by default. That includes new directories not being world viewable. Depending >on your requirements of course, YMMV.
Given the choice between files possibly being world-readable and users having to expose their password for every login (even if you're encrypting the session, we've learned the hard way that isn't enough anymore), we decided to go with the former. As always, to each his or her own. --Ken _______________________________________________ OpenAFS-info mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-info
