[OpenAFS] Windows Terminal server and afs clients

Derek Atkins warlord@MIT.EDU
Mon, 14 Jun 2004 19:21:32 -0400

Jeffrey Altman <jaltman@columbia.edu> writes:

>      - setcrypt

For setcrypt, IMHO a non-root (non-admin) user should be allowed to go
up, but not down.  E.g., a user should be allowed to turn crypto
protection on, but not off.  I'm not sure if the Unix client allows

> If there there are other commands people believe should be locked down, please let
> me know.


       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
       warlord@MIT.EDU                        PGP key available