[OpenAFS] anon FTP upload directory ACL
01 Jun 2002 22:15:36 -0400
>From a security standpoint I think it's a good idea to have this
functionality. I'd like to see it in OpenAFS.
Garry Zacheiss <zacheiss@MIT.EDU> writes:
> >> > ISTR there were two ways of doing implicit-admin. One was by directory
> >> > ownership, the other was volume ownership. I thought in the end it was
> >> > by-volume, but perhaps that was just an MIT Security patch that was
> >> > never accepted back into the mainline (and yes, IMHO is it a security
> >> > bug that you mkdir foo and then control the acl on foo).
> >> I'm definitely inclined to agree with you; I can't ever remember wanting
> >> the current behavior as opposed to just watching out for it. Maybe that
> >> patch should go into OpenAFS.
> The patch Derek refers to is definitely an MIT-local patch that was
> never accepted back by Transarc. If there's interest in it, I can
> happily commit it to the OpenAFS mainline, although I wouldn't expect it
> to appear in a stable release until 1.4.x.
> OpenAFS-info mailing list
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
warlord@MIT.EDU PGP key available