[OpenAFS] Updated SNA OpenAFS Client Installer for MacOS
Benjamin Kaduk
kaduk@MIT.EDU
Thu, 4 Feb 2016 22:57:38 -0500 (EST)
Hi Evan,
On Thu, 4 Feb 2016, Evan Macbeth wrote:
> Included is an experimental change to the client to support the
> additional security verification of 10.11, where programs using the
> native "Cocoa" API will ask various root daemons (taskgated,
> DesktopServicesHelper, syspolicyd, possibly others depending on
> configuration) to verify files for them; these daemons do not have
> access to the user's token, and would normally fail verification as a
> result. This change means that root can read any AFS-resident file that
> is locally cached without a token. While this is technically a security
> violation, it should be noted that all versions of IBM AFS and OpenAFS
> already allow root (or, with lax cache permissions, potentially any
> user) to read any locally cached file by accessing the cache directory
> directly. Thus, the risk this introduces is no greater than the risks
> already carried by sites using AFS.
I know that at least some of these changes have been submitted to gerrit
already (e.g., change 12171), but are the actual patches applied on top of
1.6.16 for these installers available somewhere? It may be helpful for
some people to have the code available in some debugging scenarios, etc.
Thanks,
Ben
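
The quoted announcement notes that root, or any user when cache permissions are lax, can read locally cached AFS files straight from the cache directory. The following is an added example (not part of this thread or of the OpenAFS code) of a local check for that lax-permission case. It assumes the client's `cacheinfo` file has the usual `mountpoint:cachedir:size` layout; the path to that file and the expected owner uid are passed in by the caller.

```shell
#!/bin/sh
# Added example: audit local permissions on an OpenAFS disk cache.
# Assumed cacheinfo layout: <AFS mount point>:<cache directory>:<size in 1K blocks>

# Print the cache directory named in the cacheinfo file given as $1.
cache_dir_from_cacheinfo() {
    awk -F: 'NF >= 3 { print $2; exit }' "$1"
}

# Run find with the given arguments and print every visited path that
# grants any permission bit to group or other.
lax_find() {
    find "$@" \( -perm -001 -o -perm -002 -o -perm -004 \
              -o -perm -010 -o -perm -020 -o -perm -040 \) -print
}

# $1 = path to cacheinfo, $2 = expected owner uid (0 on a real client).
# Returns 0 when only the owner can reach the cache, 1 when findings
# were printed, 2 when the cache directory cannot be located.
audit_afs_cache() {
    dir=$(cache_dir_from_cacheinfo "$1")
    [ -d "$dir" ] || { echo "cache directory not found: $dir" >&2; return 2; }
    status=0

    # Numeric owner of the cache directory itself (third field of ls -ldn).
    owner=$(ls -ldn "$dir" | awk '{ print $3 }')
    if [ "$owner" != "$2" ]; then
        echo "OWNER $dir uid=$owner expected=$2"
        status=1
    fi

    # An owner-only top directory shields everything beneath it, so the
    # contents are reported only when the directory itself is open.
    if [ -n "$(lax_find "$dir" -prune)" ]; then
        lax_find "$dir" | sed 's/^/EXPOSED /'
        status=1
    fi
    return $status
}

# Typical use on a client, as root (the cacheinfo path varies by platform):
#   audit_afs_cache /path/to/cacheinfo 0
```
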