[OpenAFS] To read a file from a directory whose ACL is r-l (read
permission but no lookup permission)
Tue, 13 Sep 2005 21:56:00 +0300
Jeffrey and Frank
thank you for your quick replies
> AFAIK this is not possible but why would you want to do that? It's
> "Security throug Oscurity" (aka "The Windows Way" ;-) ).
> A wise man once said, "Security through obscurity is worse than no
> security at all".
I want that my windows users can access the files through a custom
application, not directly. And I think that if I prevent users to browse
the directory and only the custom application knows the names of files,
it'll be OK.
But as you say, this is not a good solution, so I try to find another
solution. My new solution is to run my application with RunAs in a
sandbox. This application access the files in AFS cache as a special
user. I want to ask that the administrator of the windows machine can
access the files in AFS cache which belongs to this special user when
the application is running?