[OpenAFS] keeping openafs from breaking group security
Derek Atkins
warlord@MIT.EDU
Sun, 6 Feb 2005 12:53:01 -0500
Quoting Matthew Miller <mattdm@mattdm.org>:
> On Sun, Feb 06, 2005 at 12:46:23PM -0500, Derek Atkins wrote:
> > "Doctor, doctor, it hurts when I do this...."
>
> Cute, but you miss the point: it could hurt when *other* people do this. I'd
> be better if they weren't able to.
The docs have always said "don't use Unix Groups in the range <x..y> when you
use AFS" and go on to describe how and why. So IMHO if someone ignores the
clearly documented "don't do this" they deserve to screw themselves.
> If the "su" command let any user change user ids with no authentication,
> would your solution be to suggest I not do it?
That's apples and oranges. A better analogy would be if the su documentation
said "putting users in group 1 will allow them to change userid without
authentication" but you (or someone else) still put users into group 1. Is it
SU's fault? Or the user's fault? I would say the latter, not the former.
Especially in the case of OpenAFS where it's not even distributed with the base
OS so users need to specifically add it themselves.
-derek
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
warlord@MIT.EDU PGP key available