[OpenAFS] Windows Terminal server and afs clients
Mon, 14 Jun 2004 20:26:52 -0400
On Monday, June 14, 2004 19:21:32 -0400 Derek Atkins <warlord@MIT.EDU>
> Jeffrey Altman <firstname.lastname@example.org> writes:
>> - setcrypt
> For setcrypt, IMHO a non-root (non-admin) user should be allowed to go
> up, but not down. E.g., a user should be allowed to turn crypto
> protection on, but not off. I'm not sure if the Unix client allows
I disagree. This is a system-wide setting, and changing it in either
direction has implications. A user turning this on would cause the system
to consume resources which do not belong to him.
It would be nice to have a per-PAG flag indicating whether encrypted
connections should be used. But we don't have that today.