[OpenAFS] File ownership/permissions semantics
Christopher D. Clausen
cclausen@acm.org
Mon, 6 Nov 2006 09:30:50 -0600
Jim Rowan <jmr@qualcomm.com> wrote:
> Christopher D. Clausen wrote:
>> Derek Atkins <warlord@MIT.EDU> wrote:
>>> This script could also touch a file in the class volume
>>> so the TAs have the list of users. A simple "rli" will let you do
>>> this.
>>
>> You could touch files for other students then. (I'm not sure if that
>> would be a bad or not, it would depend if students can get negative
>> points for turning in non-functioning code.)
>>
> If you use the file ownership, not the name, to identify the student
> then I don't see any chance for impersonation.
Actually, I was just thinking about this...
Couldn't a student handin their own homework and then create a huge
number of random files to fill up all available directory entry slots,
thus breaking the handin app for subsequent handin attempts? It would
be obvious who this student was, but it could still be an annoyance.
<<CDC