[OpenAFS] To read a file from a directory whose ACL is r-l (read permission but no lookup permission)

[Derek Atkins]

acemi <acemi@spymac.com> writes:

> Any suggestions?

Encrypt your data files and put the decryption routines in the
application?

Seriously, with what you've told us it sounds like you're trying to
implement some sort of DRM solution.  DRM solutions don't work in
software.  It's all just a matter of obscuring what you're doing to
keep the honest guy honest.  The bad guy will always find a way around
it.

It certainly sounds like your threat model does not match that of
AFS's security model.  You might want to rethink what you're trying to
accomplish, or come up with an actual threat model for what you're
trying to do.

Good Luck,

-derek
-- 
       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
       warlord@MIT.EDU                        PGP key available