[OpenAFS] Problems giving a daemon process permanent access to AFS
Christopher D. Clausen
Thu, 1 Feb 2007 17:51:12 -0600
Jeffrey Hutzelman <email@example.com> wrote:
> On Thursday, February 01, 2007 03:57:47 PM -0500 Earl Shannon
> <Earl_Shannon@ncsu.edu> wrote:
>> I don't know what all your security considerations are, but I'd
>> suggest you create an IP ACL
>> in the filespace the daemon needs to access.
> Don't do this. IP-address-based ACL's are not only very insecure but
> also notoriously unreliable.
There is also no encryption with IP based ACLs.