RE: [OpenAFS] AFS in the age of the wild west internet

Steve Gaarder Fri, 13 May 2016 07:33:12 -0700

Yes, of course we do that. My question is whether there is also a way tosay that some volumes cannot be accessed from outside our networkregardless of credentials. Would it work to put all those volumes on aserver with a firewall that blocks access?


Steve Gaarder
System Administrator, Dept of Mathematics
Cornell University, Ithaca, NY, USA
[email protected]


On Tue, 3 May 2016, Brandon Allbery wrote:

fs sa /path/to/whatever system:anyuser none

-----Original Message-----
From: [email protected] [mailto:[email protected]] On 
Behalf Of Steve Gaarder
Sent: Friday, March 4, 2016 10:05 AM
To: [email protected]
Subject: [OpenAFS] AFS in the age of the wild west internet

While I really like the concept of AFS as a world-wide filesystem, I'm starting 
to wonder if it's a good idea in the modern age of cyberattacks.
How safe is it to leave AFS open to the world?

Some of the data we store in AFS does not need to be accessed from outside of 
our network; is there a good way of blocking access to it from outside while 
preserving access to other data in the cell?

thanks,

Steve Gaarder
System Administrator, Dept of Mathematics Cornell University, Ithaca, NY, USA 
[email protected] _______________________________________________
OpenAFS-info mailing list
[email protected]
https://lists.openafs.org/mailman/listinfo/openafs-info
:??T????j)b?   b?өzpJ)ߢ?^??좸!????????????~????????????ا~??????ȧ~

RE: [OpenAFS] AFS in the age of the wild west internet

Reply via email to