[OpenAFS] Kerberos 5 cache in /tmp

John Rudd jrudd@ucsc.edu
Wed, 7 Apr 2004 19:08:29 -0700


On Apr 7, 2004, at 12:41 PM, Jeffrey Hutzelman wrote:
>
> This property is not new with krb5.  It follows directly from the UNIX 
> security architecture.
>
>
> If you do not trust the people who have privileged access to your 
> machine, then you have already lost.
>

I wonder how "capability" based OSes might change that interaction 
(I've wondered about how Kerberos might function in a capability 
environment in the past, but haven't been sure how to approach it ... 
and that goes for AFS as well).