[OpenAFS] Re: Ideas for finer grain set acl controls

[Russ Allbery]

Andrew Deason <adeason@sinenomine.net> writes:

> In other words: *** PLEASE SPEAK UP *** if you want to be able to
> prevent normal users from doing something like "fs setacl ${HOME}
> system:authuser rlidwka" even when they have the 'a' bit on ${HOME}.

> Even if it's just "+1, yes, I want that", please say something.

It's not as important as being able to block system:anyuser, but yes, I'd
ideally like to be able to block arbitrary PTS groups from being added to
ACLs with "all" or "write" access.

-- 
Russ Allbery (rra@stanford.edu)             <http://www.eyrie.org/~eagle/>