[OpenAFS] home on afs woes

Douglas E. Engert deengert@anl.gov
Wed, 04 Jan 2006 14:42:37 -0600

Jim Rees wrote:

>   Any distributed file system has the same problem, if files in the home
>   directory need to be accessed during login. NFSv4 may have to address the
>   same problems.
> The problem with afs is that you can't put an acl on a file.  NFSv4 doesn't
> have this problem.

The problem is not about ACLs on files or directories, it more about
allowing world readable access to what some might consider sensitive data.
I still would not like the .k5login world readable.

What I meant about NFS vs AFS is that both have to live in a unix world
where the system daemons are run as root, and unix code assumes root
automaticly has read access to the home directory in all cases. A protected
NFS home directory has the same problem as an AFS home directory.

> _______________________________________________
> OpenAFS-info mailing list
> OpenAFS-info@openafs.org
> https://lists.openafs.org/mailman/listinfo/openafs-info


  Douglas E. Engert  <DEEngert@anl.gov>
  Argonne National Laboratory
  9700 South Cass Avenue
  Argonne, Illinois  60439
  (630) 252-5444