Hello,

a background: I have noticed somewhere in Coda code a special case for
uid 0's credentials (venus invalidating acls on cached objects, something
like that?).

I am a bit concerned about uid 0 being able to access /coda as an
authenticated user (thus protected from server spoofing), without
extra side effects.

I wish the following would work (and hope it does) :
 1. a cron job once in a while creating root kerberos credentials by a
keytab, host/<host> being a good principal candidate as such keytab and
entry should exist anyway :)
 2. the same cron job refreshing/replacing uid 0's coda token via [k]clog
 3. then the cronjob may even destroy the kerberos credentials

* [1] and [3] may be omitted for a non-kerberized venus.

** it is so convenient to not have a PAG. PAG does not add much for the
security ("uid trust" is hardly avoidable in UNIX) but places additional
limitations, like starting crond after initial authentication...

*** well, PAG would help to allow cron jobs to alter user files on Coda if
the user explicitely grants host/<host> the right to do that...
The same for mail delivery and other "problematic aspects" of networked
filesystems.

Best regards,
and the usual thanks for Coda!
--
Ivan