[OpenAFS-devel] Re: safe dropboxing in an anonymous world

[Steve Simmons]

On Feb 7, 2011, at 2:04 PM, Jeffrey Altman wrote:

> If the Unix CM is reading beyond the end of file as part of preparing =
a
> chunk to be written, that sounds like a bug to me.  The Windows CM =
never
> reads data from the file server beyond the known EOF.  If the file is
> new, the file length is 0 and the client prepares the page locally
> without file server interaction.

Agree, but . . . we really don't want to have functionality on the =
server that will allow malicious clients to read data they shouldn't be =
able to. We can say it's a client bug all we like, it's still the server =
handing out data it shouldn't.=