On Thursday 05 January 2006 7:32 am, Ken Hornstein wrote:
> Given the choice between files possibly being world-readable and users
> having to expose their password for every login (even if you're
> encrypting the session, we've learned the hard way that isn't enough
> anymore), we decided to go with the former. As always, to each his or
> her own.
>
> --Ken

This appears to be a security decision based primarily on a technical limitation in AFS. The per-directory ACL limitation itself was more or less what I was discussing, as it has caused me more than its share of headaches. If I could place an ACL on a file and have it alone be readable/listable by the authentication process, that would be ideal.

It's great that a world listable/readable top level home directory configuration works for your environment's security requirements, and it certainly saves a bit of work. It just isn't sufficient to comply with our security plans.

Best regards,
Lester Barrows
