[OpenAFS] ACLs not working on afs volumes! Help!
matt cocker
matt@cs.auckland.ac.nz
Thu, 19 Aug 2004 11:35:59 +1200
> Well, sometimes users do not understand ACLs and accidentally remove
> themselves from their own directory. Its nice to not have to have an
> admin fix it.
The problem is that users can give themselves more priviledges than you
set if they own the mountpoint. We wanted to stop users adding
mountpoints to their homedirectories and removing the admin acl prevents
this but the users can just give themselves admin access and do it anyway.
I guess we will just change the way we do things. We can make the
unixhome directory owned by the user but the mount point of the user
volume can be owned by nonuser.
Cheers
Matt