[OpenAFS-devel] Re: Methods of Restricting AFS3 ACL rights

[Adam Megacz]

Jeffrey Altman <jaltman@secure-endpoints.com> writes:
>> I keep a set of notes on what I would do differently if AFS were
>> completely rebuilt from scratch without any backward-compatibility
>> concerns.  If each volume had some sort of secret access key (retrieved
>> by the CM via its mountpoint in some other volume) it would be possible
>> to control who is allowed to create a mountpoint pointing *to* a
>> particular volume.  But the means to do so goes way outside the existing
>> AFS infrastructure.
>>
>>   - a
> Adam:
>
> Any volume can be accessed directly.  No mount point is required to do
> so. 

You are correct.  Did something in my message lead you to believe otherwise?

  - a