[OpenAFS] ticket expireation question

[Chris Crowther]

Jiann-Ming Su wrote:

> loose on a AFS volume.  What happens if the kerberos ticket expires
> before the job is done running?  Additionally, how well would OpenAFS

	Simply, it would lose its credentials; it would have whatever access
the ACLs allow for an unauthenticated client.

	If the code for the simulation is something you control, you could in
theory modify it to use a Kerberos keytab to do its own authentication;
that's a security tradeoff though (and not something I know a great deal
about, so I could be wide of the mark).  The same thing would probably
apply to processes running in a distributed enviroment.

-- 
Chris Crowther