[OpenAFS] significant delay for afs user to login as root via su

ematlis@yahoo.com ematlis@yahoo.com
Thu, 18 Mar 2010 06:17:57 -0700 (PDT)

I see what you are saying, but how would you handle a scenario with thousands of people (university students) accessing hundreds of computers in labs all over campus which they are not responsible for and cannot be bothered to manage?  Is there a way of automatically forcing .XAuthority to reside in /tmp?



--- On Thu, 3/18/10, Harald Barth <haba@kth.se> wrote:

> From: Harald Barth <haba@kth.se>
> Subject: Re: [OpenAFS] significant delay for afs user to login as root via su
> To: ematlis@yahoo.com
> Cc: achim.gsell@psi.ch, openafs-info@openafs.org
> Date: Thursday, March 18, 2010, 7:59 AM
> > I'm not sure I see the value of putting a file that's
> part of a
> > distributed network filesystem in a local directory.
> First: The .Xauthority file is only used locally on your
> machine, why
> would you need it in AFS?
> Second: If we now can agree that .Xauthority does not need
> to be in
> AFS, why not put it in /tmp and get better security? If
> /tmp is a
> memory file system, the better.
> Harald.
> _______________________________________________
> OpenAFS-info mailing list
> OpenAFS-info@openafs.org
> https://lists.openafs.org/mailman/listinfo/openafs-info