[OpenAFS] ACLs and open-afs

Jim Rees rees@umich.edu
Thu, 10 Oct 2002 12:48:20 -0400


  Actually it has turned out to be a blessing. There are very few situations
  where in AFS you need to have an ACL on a file.

Allow me to vehemently disagree.  Lack of file ACLs is one of the greatest
misfeatures of AFS.

Take a look at your home directory for an example.  Lots of little tiny
files and directories, some of which must be world readable, some of which
must not.  My own home dir is a nightmare of symlinks.  Same thing for
~/.ssh.  And not having a separate "initial file ACL" on directories means
if I want my home directory readable (so I can log in without tokens) I run
the risk of having files like .Xauthority pop up, world readable, opening a
huge security hole.

DCE got a few things right, and this is one of them.
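
The exposure described in the message can be audited from `fs listacl` output. The following is an added example, not part of the original post: it parses that output and flags sensitive files sitting in directories where system:anyuser holds the read right. The cell name, paths, file list and set of sensitive names are constructed, and only system:anyuser entries are evaluated (group membership and Unix mode bits are ignored).

```python
import posixpath

# Constructed `fs listacl` output for three directories (sample data, not from the post).
SAMPLE_LISTACL = """\
Access list for /afs/example.org/user/alice is
Normal rights:
  system:anyuser rl
  alice rlidwka
Access list for /afs/example.org/user/alice/.ssh is
Normal rights:
  alice rlidwka
Access list for /afs/example.org/user/alice/private is
Normal rights:
  system:anyuser rl
  alice rlidwka
Negative rights:
  system:anyuser rl
"""
# Constructed file listing and an assumed set of names that must never be world readable.
SAMPLE_FILES = ["/afs/example.org/user/alice/.Xauthority",
                "/afs/example.org/user/alice/.plan",
                "/afs/example.org/user/alice/.ssh/id_rsa",
                "/afs/example.org/user/alice/private/.netrc"]
SENSITIVE = {".Xauthority", "id_rsa", ".netrc"}

def parse_listacl(text):
    """Return {directory: {"normal": {who: rights}, "negative": {who: rights}}}."""
    acls, current, section = {}, None, None
    for line in text.splitlines():
        stripped = line.strip()
        if line.startswith("Access list for "):
            current = line[len("Access list for "):].rsplit(" is", 1)[0]
            acls[current], section = {"normal": {}, "negative": {}}, None
        elif stripped in ("Normal rights:", "Negative rights:"):
            section = stripped.split()[0].lower()
        elif stripped and current and section:
            who, rights = stripped.split()
            acls[current][section][who] = set(rights)
    return acls

def anyuser_can_read(acl):
    """True if system:anyuser keeps the 'r' right after negative rights are subtracted."""
    granted = acl["normal"].get("system:anyuser", set())
    return "r" in granted - acl["negative"].get("system:anyuser", set())

def exposed_files(acls, files, sensitive=SENSITIVE):
    """A file has no ACL of its own; it is governed by its directory's ACL."""
    return [p for p in files
            if posixpath.basename(p) in sensitive
            and posixpath.dirname(p) in acls
            and anyuser_can_read(acls[posixpath.dirname(p)])]

if __name__ == "__main__":
    for path in exposed_files(parse_listacl(SAMPLE_LISTACL), SAMPLE_FILES):
        print("world readable:", path)
```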