[OpenAFS] controlling access to backup volumes

Adam Megacz megacz@cs.berkeley.edu
Sun, 18 Mar 2007 22:26:37 -0700

If a user removes a file (or restricts access to it by changing an
ACL), and the file existed prior to the most recent "vos backup", that
file will still be accessible via the backup volume.

The backup volume can be mounted beneath a directory with a very
restrictive ACL, but it seems that other users in the same cell could
circumvent this by simply creating a new mount point for the backup
volume somewhere else.

So, is there any way to make a backup volume less accessible than its
rw?  If not, then it means that reducing access to any backed-up file
always has to wait until the next backup...

  - a

PGP/GPG: 5C9F F366 C9CF 2145 E770  B1B8 EFB1 462D A146 C380