[OpenAFS] Purging the client cache
Russ Allbery
rra@stanford.edu
Sat, 09 Jan 2010 13:33:55 -0800
Jeffrey Altman <jaltman@secure-endpoints.com> writes:
> For Windows you will want to do two things:
> 1. install the cache file in an encrypted directory that is restricted
> to the SYSTEM account.
Ah, this is a good idea. Is this something that we can easily do as part
of the AFS installer? Do we need a separate product to do the encryption,
or do current versions of Windows support this internally? (We do have a
whole-disk encryption product that we've been deploying, but my guess is
that the people using this new service and the people using whole-disk
encryption won't be slightly the same.)
> 2. Add "fs flushall" to the VPN disconnect script.
This sounds great. Thank you!
--
Russ Allbery (rra@stanford.edu) <http://www.eyrie.org/~eagle/>