On Mon, May 3, 2010 at 11:23 PM, Russ Allbery <[email protected]> wrote: > Derrick Brashear <[email protected]> writes: >> Russ Allbery <[email protected]> wrote: >>> Derrick Brashear <[email protected]> writes: > >>>> A similar "attack" has been discussed before. > >>>> pts cg shadow:something >>>> pts chown shadow:something jaltman > >>>> jaltman now owns jaltman:something. > >>> This behavior is also really annoying if you have an external group >>> system whose names you're trying to synchronize with AFS PTS groups. > >> only if you track by name and not by id. same issue. :) > > Users who create a workgroup named shadow:something and then go to AFS and > wonder why fs setacl . shadow:something all doesn't work are unlikely to > be easily patched to track by ID instead.
they should probably avoid chowning the group away between steps a and b. -- Derrick _______________________________________________ OpenAFS-info mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-info
