-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Anders Johansson wrote: > On Sunday 07 October 2007 11:21:05 G T Smith wrote: >> Within the context of the Linux file system mounting framework I would >> agree with you. >> >> However, in the context of a Directory Service managed resource >> framework it does begin (I should emphasise the begin) to make sense. In >> the latter resources would ideally be managed in global network manner, >> and there should be some constraints on what context a local machine or >> individual can interact with the network resource. > > Hm, I'm not sure I follow you. > > First of all, someone can unmount it. So why shouldn't the admin of the > machine be able to delegate this to others, in the same way as for other file > systems? > > Secondly, are you seriously saying that it's possible through policy to > prevent a client from *un*mounting a resource? I can understand that there > are rules about who can mount and from where, but surely a client can at any > time say "no, I don't want this share anymore"
Unfortunately if you can disconnect a resource, you can also reconnect something else at the same point, and that could be a security issue. If the location is taken it makes it more difficult (but not impossible) to hijack. - -- ============================================================================== I have always wished that my computer would be as easy to use as my telephone. My wish has come true. I no longer know how to use my telephone. Bjarne Stroustrup ============================================================================== -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org iD8DBQFHCM/WasN0sSnLmgIRAh0jAKC7ZsdAfdd019fLcsYfg1seLpWHQACfYqz5 OTw2mVDzKmHfrpeBQnvbaW0= =2l5O -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
