On Thursday, February 01, 2007 03:57:47 PM -0500 Earl Shannon <[EMAIL PROTECTED]> wrote:
Hello, I don't know what all your security considerations are, but I'd suggest you create an IP ACL in the filespace the daemon needs to access.
Don't do this. IP-address-based ACL's are not only very insecure but also notoriously unreliable.
If the server doesn't have other users on it you should be ok.
Sorry, but this is terrible advice. It is often quite easy for an attacker to hijack an IP address; assuming otherwise is asking for trouble.
-- Jeffrey T. Hutzelman (N3NHS) <[EMAIL PROTECTED]> Sr. Research Systems Programmer School of Computer Science - Research Computing Facility Carnegie Mellon University - Pittsburgh, PA _______________________________________________ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info