[2095] in Info-AFS_Redistribution
root user exposure on AFS client
daemon@ATHENA.MIT.EDU (John Day)
Tue Oct 19 18:34:56 1993
Date: Tue, 19 Oct 93 10:43:50 EDT
From: "John Day" <dayjohn@vnet.ibm.com>
To: info-afs@transarc.com
Reply-To: dayjohn@vnet.ibm.com
Is there any known cell security exposure from root on an AFS client
machine? That is, can the root user on an AFS client machine in any
way compromise data in the cell, other than that which he is
specifically ACL'ed too. Are there any issues with IP address ACLs
or any other holes since the use has full access to browse the entire
client cache? Obviously the root user could change his ip address and
get at additional data, but other than that.
Thanks,
John
--------------------------------------------------------------------
John D. Day (301) 240-7513, T/L 372-7513
System Environments
182/3L31, FSD Gaithersburg
VNET: DAYJOHN@WMAVM7 800 North Frederick Ave
Internet: dayjohn@vnet.ibm.com Gaithersburg, MD 20879
