[OpenAFS] Token Persistency and GUI Problems on Mac OS X
Wei-Gung Sun
Wei-Gung.Sun@jpl.nasa.gov
Thu, 19 Sep 2002 12:04:53 -0700
At 11:07 AM 9/19/2002 -0700, Russ Allbery wrote:
>Wei-Gung Sun <Wei-Gung.Sun@jpl.nasa.gov> writes:
>
> > Via the GUI window, my client side was recognized as Owner by file
> > protection mode of each directory (or folder) in AFS. AFS acl did
> > perform some capability to prevent system from being locked up when
> > granting access to file/directory(folder), but if file protection mode
> > for Owner of a directory has Read permission only, even you got token,
> > you still do not have sufficient access privileges to get access to that
> > directory (folder) unless the file protection mode for Owner of that
> > directory has at least Read and Execute permission (i.e. r-x for Owner).
>
>Yes, that's correct. If you don't have execute permission, you can't open
>the folder.
>
>This isn't a bug. :)
You still can cd to (open) that directory (folder) through Mac terminal
window's command line operation if the AFS ACL authorizes you at least the
l (lookup access) privilege. That's why I said the inconsistency between
the Mac Terminal window's command line operations and GUI after you klogged
and got token. The GUI is more responding to file protection mode than
responding to AFS ACL's authorization. Since this is an AFS client, then
this is a bug.
>In Unix execute (--x) for directories indicates whether you're allowed to
>traverse the directory or see what files are in it.
Yes, I agree with you.
--Will
>--
>Russ Allbery (rra@stanford.edu) <http://www.eyrie.org/~eagle/>
>_______________________________________________
>OpenAFS-info mailing list
>OpenAFS-info@openafs.org
>https://lists.openafs.org/mailman/listinfo/openafs-info