[OpenAFS] Re: Problem with IP-Based ACLs

Derrick J Brashear shadow@dementia.org
Fri, 4 May 2007 23:35:40 -0400 (EDT)


On Fri, 4 May 2007, Adam Megacz wrote:

>
> "Todd M. Lewis" <utoddl@email.unc.edu> writes:
>> Or think about it another way. When you become a member of a new
>> group, you (may) have to re-authenticate for the change to take effect
>> for ACLs in a given directory.
>
> Forgive my ignorance here... do AFS tokens include a (signed) list of
> what groups you belong to?

no. just a timestamp.
>
> Does this mean that removing somebody from a group doesn't revoke
> their access until their current token expires?

it does anyway

>  - a
>
> _______________________________________________
> OpenAFS-info mailing list
> OpenAFS-info@openafs.org
> https://lists.openafs.org/mailman/listinfo/openafs-info
>