[OpenAFS-devel] Joinable PAG's
Garance A Drosihn
drosih@rpi.edu
Sat, 17 May 2003 13:59:54 -0400
At 7:53 PM -0500 5/15/03, Nathan Neulinger wrote:
> Garance wrote:
> > Note that if you did have join-able PAG's, it would not be
> > based on the userid who first authenticated to it. We have
> > people who use a shared account for access to local (unix)
> > files, and then klog to separate AFS user accounts.
>
> > So, if you're going to have joinable PAG's, then you need to
> > attach some password/authentication method which is specific
> > to that PAG, and not related to any of the tokens which have
> > been used in that PAG.
>
> Joinable pags is a purely administrative function, used by
> almost nobody right now except for a few esoteric system
> admin functions on select installations, certainly nothing
> in a normal install/setup.
>
> If that capability is objectionable (most people didn't even
> realize it was possible currently, and at that, only for
> root/suid=0 procs)
I expect there was supposed to be more said on that last
paragraph...
I'm one of the people who didn't know that OpenAFS had any
support for joinable PAGs. I mean, it was obviously
possible to do at some technical level, for someone who was
root and who could do some low-level programming, but not
that there was some more visible user-interface for it.
I know there are situations where joinable PAGs might be
useful, but I wouldn't want it to open any subtle security
holes. So, how can a process join an already-existing PAG,
and what authentication/authorization steps are there?
--
Garance Alistair Drosehn = gad@gilead.netel.rpi.edu
Senior Systems Programmer or gad@freebsd.org
Rensselaer Polytechnic Institute or drosih@rpi.edu