[OpenAFS] ACLs and open-afs

Friedrich Delgado Friedrichs 6delgado@informatik.uni-hamburg.de
Mon, 14 Oct 2002 22:47:06 +0200 

--bKyqfOwhbdpXa4YI
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Hi!

Derek Atkins schrieb:
> Friedrich Delgado Friedrichs <6delgado@informatik.uni-hamburg.de> writes:
> > Derrick J Brashear schrieb:
> > > Of course the thing you're all neglecting is the bit where unless you=
 have
> > > your AFS traffic encrypted, you already screwed yourself by having
> > > .Xauthority in AFS.
> > Hm. What is harder, breaking AFS traffic encryption or guessing xauth
> > cookies? Might be worth a research...
> Who has to break encryption?  If your homedir is "system:anyyser rl"
> then I can just read the file.
I think the point here was, that even *if* the homedir is
"system:anyuser l" or less, *and* afs Traffic is transmitted via an
untrusted network, somebody could snoop the afs traffic and get the
file contents. This is where encryption starts to be of any concern at
all.

If the directory is "system:anyuser rl", encryption is of course
pointless.

> The real answer is that SSH should be modified (or configured) to
> create a random .Xauthority file in /tmp (or /tmp/$USER)
Which is of course possible.

Ceterum censeo, there are too many client programs that store sensible
data in $HOME, that rely on unix file protection. Therefore, $HOME
should never be "rl" for anybody other than the user and
"system:administrators".

This cannot be solved by *one* program doing the right thing with
respect to afs acls.

The alternative would be to patch or reconfigure every client program
that stores sensible data in $HOME. gpg, pgp, ssh, bash and possibly
some others come to mind here.

Just my 2=A2
     Friedel
--=20
	Friedrich Delgado Friedrichs <friedel@nomaden.org>
Laziness led to the invention of the most useful tools.

--bKyqfOwhbdpXa4YI
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.0 (GNU/Linux)

iEYEARECAAYFAj2rLUoACgkQCTmCEtF2zEAKygCdGIQZQvEGyciYgdXCSgGaqV9f
xokAoLSsJshuU21wzxeISp5BNLy9R4J2
=OJjO
-----END PGP SIGNATURE-----

--bKyqfOwhbdpXa4YI--