[OpenAFS-devel] kuserok() checking UID ownership on afs

Jeffrey Hutzelman jhutz at cmu.edu
Wed Feb 2 11:41:33 EST 2005


On Wednesday, February 02, 2005 08:14:05 AM -0600 "Douglas E. Engert" 
<deengert at anl.gov> wrote:


> Would you accept any changes in this area to check if the file
> is in AFS, and not check the ownership?
> like if (strncmp(path,"/afs",4) ...

Besides being ugly, that test doesn't look very safe, either.
It matches /afsfoo
It matches /afs/foo.bar.edu/user/joe/.k5login which is a symlink to a
file in /usr/tmp owned by some other user.
It fails to deal when AFS is not mounted.
It fails to deal when AFS is mounted elsewhere.
It assumes semantics for the name "/afs" which may not apply everywhere.

-- Jeffrey T. Hutzelman (N3NHS) <jhutz+ at cmu.edu>
   Sr. Research Systems Programmer
   School of Computer Science - Research Computing Facility
   Carnegie Mellon University - Pittsburgh, PA




More information about the krbdev mailing list