[OpenAFS] home on afs woes
Wed, 4 Jan 2006 14:18:51 -0800
On Wednesday 04 January 2006 1:30 pm, Ken Hornstein wrote:
> FWIW, we choose the exact opposite option (world readable home directory)
> for the exact same reason (lack of confidence in the vigilance of users).
Most of our users will place files in their home directory, even in the top
level, expecting them to be secure. Additionally, I fully expect that most
users will leave permissions with the default settings. In this case, when a
user creates a directory it inherits the ACL privileges of its parent
directory. There is an expectation in our environment that content is secure
by default. That includes new directories not being world viewable. Depending
on your requirements of course, YMMV.