[OpenAFS] Re: Problem with IP-Based ACLs
Fri, 04 May 2007 18:22:12 -0700
"Todd M. Lewis" <firstname.lastname@example.org> writes:
> Or think about it another way. When you become a member of a new
> group, you (may) have to re-authenticate for the change to take effect
> for ACLs in a given directory.
Forgive my ignorance here... do AFS tokens include a (signed) list of
what groups you belong to?
Does this mean that removing somebody from a group doesn't revoke
their access until their current token expires?