[OpenAFS] Re: Proposed changes for server log rotation

Simon Wilkinson sxw@inf.ed.ac.uk
Sun, 5 Dec 2010 23:36:33 +0000

On 5 Dec 2010, at 21:37, Andrew Deason <adeason@sinenomine.net> wrote:

> On Sun, 05 Dec 2010 10:05:20 -0500
> "Chas Williams (CONTRACTOR)" <chas@cmf.nrl.navy.mil> wrote:
>>> Perhaps we should ship with it disabled by default?
>> probably.  especially since this is one of those lesser known features.
>> i.e. it should be opt in, not "oh yeah, and you get this for free by
>> installing".
> We only just agreed to turn on by default the configure flag that lets
> you turn on restricted mode at all, for 1.6. I'd hope we'd wait another
> stable release cycle or two before making it the default (maybe 2.0?).

I don't see the relationship here. Are you saying that every time we ship a n=
ew feature we should ship it disabled, and then wait a couple of release cyc=
les before enabling it? Because that's going to get boring really quickly.

The relationship between being in UserList and having effective root access t=
o the machine is poorly documented, and poorly understood. I suspect that th=
is discussion has come as an unpleasant surprise to many people. If you add i=
nto the mix the extremely weak authentication and connection security that p=
rotects it from external attack, then I think that this is a hole we should b=
e removing from the default install as soon as possible.