[379] in Info-AFS_Redistribution
Re: AFS & UFS protection
daemon@ATHENA.MIT.EDU (Marc Pawliger)
Thu Nov 7 15:56:35 1991
From: marc@ibmpa.awdpa.ibm.com (Marc Pawliger)
To: info-afs@transarc.com
Date: Thu, 7 Nov 91 10:11:29 PST
Unfortunately the scheme proposed by Ed won't work. Most newsreaders like
rn, rrn and xrn save a new .newsrc by saving .newsrc.new and then renaming
it to .newsrc so the action is 'atomic' with a backup file of the old
.newsrc until the new one is completely written. With the symlink scheme
this fails since renaming a real file to a link's name will replace the
link with the real file, leaving _two_ copies of the file - the 'private'
one and the 'public' one.
In general since AFS ACL's are at directory granularity instead of file you
will always have this problem.
The only solution I can think of is to chmod 600 .newsrc and make sure whatever
newsreader they use preserves the mode bits on the new file. This may involve
wrapping the newsreader in a script that sets the umask and exec's the reader.
--marc
+ Marc Pawliger IBM Advanced Workstations Division Palo Alto, CA +
| Internet marc@ibminet.awdpa.ibm.com UUCP uunet!ibminet!marc |
| IBMinet marc@ibmpa.awdpa.ibm.com phone (415) 855-3493 |
+ VNET MARCP at AUSTIN IBM phone T/L 465-3493 +