[OpenAFS] home on afs woes
Douglas E. Engert
Wed, 04 Jan 2006 14:42:37 -0600
Jim Rees wrote:
> Any distributed file system has the same problem, if files in the home
> directory need to be accessed during login. NFSv4 may have to address the
> same problems.
> The problem with afs is that you can't put an acl on a file. NFSv4 doesn't
> have this problem.
The problem is not about ACLs on files or directories, it more about
allowing world readable access to what some might consider sensitive data.
I still would not like the .k5login world readable.
What I meant about NFS vs AFS is that both have to live in a unix world
where the system daemons are run as root, and unix code assumes root
automaticly has read access to the home directory in all cases. A protected
NFS home directory has the same problem as an AFS home directory.
> OpenAFS-info mailing list
Douglas E. Engert <DEEngert@anl.gov>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439