* Jeffrey Altman [2009-10-30 13:20:12 -0400]:
To address the use case properly there needs to be the ability to apply
additional sets of ACLs controlled entirely by the administrator.
Positive ACLs that give privileges that cannot be restricted and
negative ACLs that restrict privileges that
Sergio Gelato wrote:
* Jeffrey Altman [2009-10-30 13:20:12 -0400]:
To address the use case properly there needs to be the ability to apply
additional sets of ACLs controlled entirely by the administrator.
Positive ACLs that give privileges that cannot be restricted and
negative ACLs that
Hello,
Andrew, Tom, and I would like to discuss and solicit feedback on
some ideas we have been considering to strengthen OpenAFS access
controls, especially for sites which provide AFS service over the
public internet.
Background
--
Currently sites may give users administrative
On Oct 30, 2009, at 7:54 AM, Michael Meffie wrote:
Hello,
Andrew, Tom, and I would like to discuss and solicit feedback on
some ideas we have been considering to strengthen OpenAFS access
controls, especially for sites which provide AFS service over the
public internet.
I like the
Michael:
Thank you for this proposal. I think you have misnamed it. What
you are proposing is not finer grained ACLs but ACL change control
policies. The problem as Jim Rowan pointed out is that the ability
to change the modify the ACL is not the point of control. What is
desired is the
