[OpenAFS] significant delay for afs user to login as root via
su
Booker Bense
bbense@slac.stanford.edu
Thu, 18 Mar 2010 08:01:37 -0700 (PDT)
On Thu, 18 Mar 2010, Harald Barth wrote:
>
>> I'm not sure I see the value of putting a file that's part of a
>> distributed network filesystem in a local directory.
>
Afs home directories and .Xauthority is a pretty good way to let
everyone on your machine read all your keystrokes.
Anything that assumes unix permissions of 600 provides sufficient
security in a world readable directory breaks badly under current
AFS file permission models. (i.e acl's per directory, not file.. )
_ Booker C. Bense