[OpenAFS] AFS in the age of the wild west internet
Tue, 3 May 2016 11:02:56 -0400 (EDT)
This message is in MIME format. The first part should be readable text,
while the remaining parts are likely unreadable without MIME-aware tools.
Content-Type: TEXT/PLAIN; CHARSET=UTF-8; FORMAT=flowed
Yes, of course we do that. My question is whether there is also a way to=
say that some volumes cannot be accessed from outside our network=20
regardless of credentials. Would it work to put all those volumes on a=20
server with a firewall that blocks access?
System Administrator, Dept of Mathematics
Cornell University, Ithaca, NY, USA
On Tue, 3 May 2016, Brandon Allbery wrote:
> fs sa /path/to/whatever system:anyuser none
> -----Original Message-----
> From: firstname.lastname@example.org [mailto:email@example.com=
rg] On Behalf Of Steve Gaarder
> Sent: Friday, March 4, 2016 10:05 AM
> To: firstname.lastname@example.org
> Subject: [OpenAFS] AFS in the age of the wild west internet
> While I really like the concept of AFS as a world-wide filesystem, I'm st=
arting to wonder if it's a good idea in the modern age of cyberattacks.
> How safe is it to leave AFS open to the world?
> Some of the data we store in AFS does not need to be accessed from outsid=
e of our network; is there a good way of blocking access to it from outside=
while preserving access to other data in the cell?
> Steve Gaarder
> System Administrator, Dept of Mathematics Cornell University, Ithaca, NY,=
USA email@example.com _____________________________________________=
> OpenAFS-info mailing list