[OpenAFS] Monitoring bad ACLs of webpages: best practices? faster search?
Fri, 07 May 2010 14:14:36 -0400
I'm working on problems caused by users mistakenly leaving excessive
write permissions on the directories of their webpages. Does anyone
know if there is a best practices or other guidance document
somewhere? I realize the problem might not be so different from
webpages hosted on non-AFS filesystems.
One solution we're considering is regularly scanning our webspace for
excessively naive ACLs, but this is quite time consuming. Is there a
faster way to search for specific ACLs than various incantations of
gfind to fs-listacl, perhaps something that dumps all the ACLs of a
volume, assuming they are kept on one spot?
Thanks for any possible insights.