In message <[email protected]>,Andrew Deason writes: >On Sun, 05 Dec 2010 10:05:20 -0500 >"Chas Williams (CONTRACTOR)" <[email protected]> wrote: > >> >Perhaps we should ship with it disabled by default? >> >> probably. especially since this is one of those lesser known features. >> i.e. it should be opt in, not "oh yeah, and you get this for free by >> installing". > >We only just agreed to turn on by default the configure flag that lets >you turn on restricted mode at all, for 1.6. I'd hope we'd wait another >stable release cycle or two before making it the default (maybe 2.0?).
i doubt many people use this 'feature' of afs given all the comments i have seen so far. reversing the default mode for this feature isnt likely to affect many people. anyone it does bother would understand how to reverse it (assuming you mention it in the release notes -- i sort of doubt the release notes mention afs installing a backdoor by default unless you turn it off during the install). in disabled mode, you could make bos getlog return a message about this feature being disabled and you need to enable it. probably not possible for bos exec though. i dont think it returned output. even if getlog is enabled, should it be able to read *any* file on the system? _______________________________________________ OpenAFS-info mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-info
