[OpenAFS] To read a file from a directory whose ACL is r-l (read permission but no lookup permission)
Derek Atkins
warlord@MIT.EDU
Wed, 14 Sep 2005 09:11:04 -0400
acemi <acemi@spymac.com> writes:
> Any suggestions?
Encrypt your data files and put the decryption routines in the
application?
Seriously, with what you've told us it sounds like you're trying to
implement some sort of DRM solution. DRM solutions don't work in
software. It's all just a matter of obscuring what you're doing to
keep the honest guy honest. The bad guy will always find a way around
it.
It certainly sounds like your threat model does not match that of
AFS's security model. You might want to rethink what you're trying to
accomplish, or come up with an actual threat model for what you're
trying to do.
Good Luck,
-derek
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
warlord@MIT.EDU PGP key available