Coda File System

Re: Next 3 questions

From: Jan Harkes <jaharkes_at_cs.cmu.edu>
Date: Thu, 21 Feb 2002 11:42:03 -0500
On Thu, Feb 21, 2002 at 11:19:50AM -0500, Jan Harkes wrote:
> This actually shouldn't be possible, but only because venus really
> trusts 'kernel credentials' more than the 'token credentials'. But I
> would have to double check to see which 'user-id' is put in the access
> granted field of cached FS objects to be sure of this.

Cool, although vuid_t vuid sounds remarkably like 'venus/vice uid', it is
in fact the fsuid/euid that came with the upcall.

So if local user 'billg' does a clog with my Coda-token in disconnected
mode, he still does not gain any access to my files because the objects
have only stored that they are accessible by the local user 'jaharkes'.

So now I can see where this is logically leading. As long as we are
disconnected, we don't have to check whether this user actually has a
token at all. The one case that needs to be fixed is when we connect to
the servers and a user doesn't have any tokens, all his cached
permissions should be purged, just as if he had a token that expired
during the disconnection.

Then the whole clog -fromtoken during disconnection isn't necessary.

Jan
Received on 2002-02-21 11:42:05
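
The behaviour described in the message above, as an added example that is not part of the original post and is not Coda/Venus source. It is a simplified model: the class, method names, uids and object path are hypothetical and constructed for illustration.

```cpp
// Simplified model of an access cache keyed by the local (kernel) uid.
// Not Venus code; every name here is hypothetical.
#include <cstddef>
#include <map>
#include <set>
#include <string>
#include <utility>

using LocalUid = unsigned;            // fsuid/euid that arrives with the upcall
constexpr unsigned READ = 1, WRITE = 2;

class AccessCache {
    // (object, local uid) -> rights recorded while connected
    std::map<std::pair<std::string, LocalUid>, unsigned> rights_;
    std::set<LocalUid> has_token_;    // local uids that currently hold a token
public:
    void set_token(LocalUid u, bool present) {
        if (present) has_token_.insert(u); else has_token_.erase(u);
    }
    void grant(const std::string& obj, LocalUid u, unsigned r) {
        rights_[std::make_pair(obj, u)] = r;
    }
    // Disconnected check: only the cached entry for the calling local uid
    // counts. Whether that uid holds a token (or whose) is never consulted.
    bool allowed(const std::string& obj, LocalUid u, unsigned want) const {
        auto it = rights_.find(std::make_pair(obj, u));
        return it != rights_.end() && (it->second & want) == want;
    }
    // Reconnect: purge cached rights of every local uid without a token,
    // the same outcome as a token that expired during the disconnection.
    std::size_t reconnect() {
        std::size_t purged = 0;
        for (auto it = rights_.begin(); it != rights_.end();) {
            if (has_token_.count(it->first.second) == 0) { it = rights_.erase(it); ++purged; }
            else ++it;
        }
        return purged;
    }
};

int main() {
    const LocalUid jaharkes = 1000, billg = 1001;   // constructed uids
    AccessCache c;
    c.set_token(jaharkes, true);
    c.grant("/coda/example/file", jaharkes, READ);  // cached while connected
    c.set_token(billg, true);        // billg obtains a token while disconnected
    bool leak = c.allowed("/coda/example/file", billg, READ);  // false
    c.set_token(jaharkes, false);    // jaharkes has no token at reconnect
    return (leak || c.reconnect() != 1) ? 1 : 0;
}
```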