Coda File System

Re: Coda for home directories and NIS vs. Kerberos

From: Simon Wilkinson <sxw_at_inf.ed.ac.uk>
Date: Thu, 31 Jan 2008 18:05:51 -0500
On 31 Jan 2008, at 22:48, Jan Harkes wrote:

> On Thu, Jan 31, 2008 at 04:26:08PM -0500, Davor Ocelic wrote:
>> In AFS, there is a special provision made for interoperability with
>> Unix - person to which a file is chowned has implicit 'all' rights
>> on the file. Does this work that way in Coda too?

It doesn't work that way in AFS - AFS does have some implicit rights,  
but if you don't have a read ACL for a directory, you can't access  
files in it, regardless of their ownership.

> I wonder how they can do something like that reliably in a cross realm
> context.

Files that get written to a volume in a cell are owned by the user's  
ID in that cell's protection service database, not by the local UID  
on the machine which wrote them.

Simon.
Received on 2008-01-31 21:05:12