>> You can't. If we allow you to specify the 'anonymous' user, you could >> assign negative idwka rights to 'anonymous' on the volume-level ACL to >> prevent system:anyuser write access. But there is no way to prevent >> access for system:authuser. >> >> Note: giving a negative ACL on, say, system:anyuser would prevent _any_ >> user from getting rights; that's not what we'd want. > > Since system:anyuser represents all users, it seems to me we could > introduce a way to indicate anonymous users. Perhaps with a new > system group, system:anonusers which represents users that are > not authenticed? > > At that point we would specify a volume level negative right, > > Negative rights: > system:anonusers idwka
Why do you need a group, as opposed to simply mapping 32766 to a name? Derrick _______________________________________________ OpenAFS-info mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-info
