At 03:30 PM 1/5/2006, Lester Barrows wrote:
On Thursday 05 January 2006 7:32 am, Ken Hornstein wrote: This appears to be a security decision based primarily on a technical limitation in AFS. The per-directory ACL limitation itself was more or less what I was discussing, as it has caused me more than its share of headaches. If I could place an ACL on a file and have it alone be readable/listable by the authentication process, that would be ideal. It's great that a world listable/readable top level home directory configuration works for your environment's security requirements, and it certainly saves a bit of work. It just isn't sufficient to comply with our security plans.
Wasn't there some talk about the DFS code being opened? And didn't DFS have file level ACLs? Could any of that code be ported to AFS, or is there already a project underway for file level ACLs in AFS?
Rodney Rodney M. Dyer Windows Systems Programmer Mosaic Computing Group William States Lee College of Engineering University of North Carolina at Charlotte Email: rmdyer_at_uncc.edu Web: http://www.coe.uncc.edu/~rmdyer Phone: (704)687-3518 Help Desk Line: (704)687-3150 FAX: (704)687-2352 Office: Cameron Applied Research Center, Room 232 _______________________________________________ OpenAFS-info mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-info
