[OpenAFS] anon FTP upload directory ACL

[Turbo Fredriksson]

>>>>> "Derek" == Derek Atkins <warlord@MIT.EDU> writes:

    Derek> Turbo Fredriksson <turbo@bayour.com> writes:
    >> ----- s n i p ----- [papadoc.pts/1]$ fs listacl
    >> /afs/bayour.com/public/ftp/incoming Access list for
    >> /afs/bayour.com/public/ftp/incoming is Normal rights:
    >> system:administrators rlidwka system:anyuser iw ----- s n i p
    >> -----
    >> 
    >> Then 'anonymous' can DELETE files in incoming! And it's still
    >> possible to VIEW files (and the directory itself)...

    Derek> "iw" perms should not permit anyone to delete files.  Are
    Derek> you sure that the ftpd is running without any tokens?

Quite (but not 100%). It's kftpd, running from xinetd, which have not
been restarted (started from init script at boot some days ago)...

Client is ncftp, which don't pass the token/ticket I might have on
the client...
-- 
Khaddafi Kennedy Mossad president Qaddafi Marxist spy Noriega class
struggle Ortega cryptographic Soviet Ft. Bragg Semtex colonel
[See http://www.aclu.org/echelonwatch/index.html for more about this]