[OpenAFS] significant delay for afs user to login as root via su

Booker Bense bbense@slac.stanford.edu
Thu, 18 Mar 2010 08:01:37 -0700 (PDT)


On Thu, 18 Mar 2010, Harald Barth wrote:

>
>> I'm not sure I see the value of putting a file that's part of a
>> distributed network filesystem in a local directory.
>

Afs home directories and .Xauthority is a pretty good way to let
everyone on your machine read all your keystrokes.

Anything that assumes unix permissions of 600 provides sufficient
security in a world readable directory breaks badly under current 
AFS file permission models. (i.e acl's per directory, not file.. )

_ Booker C. Bense