Hi Jeffrey,
> In addition, before the
> RUNAS session can access to non-system:anyuser areas of AFS,
> it will need to obtain an AFS token that will in turn also
> require a username and password.
I think to start AFS session in RunAS session. So I don't need
to obtain an AFS token before the RunAS session.
> Where do you plan to store the usernames and passwords that
> are required such that the user is unable to obtain them and
> simply access AFS themselves?
I plan to store the username and passwords (for RunAs and for
Kerberos) in a database server. The logged user can access them
using an application. But now, I understand that this is also a
"Security through obscurity" case.
Any suggestions?
thanks
acemi
_______________________________________________
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info