RE: [OpenAFS] AFS in the age of the wild west internet

Steve Gaarder Fri, 13 May 2016 07:33:12 -0700

Yes, of course we do that. My question is whether there is also a way tosay that some volumes cannot be accessed from outside our networkregardless of credentials. Would it work to put all those volumes on aserver with a firewall that blocks access?


Steve Gaarder
System Administrator, Dept of Mathematics
Cornell University, Ithaca, NY, USA
gaar...@math.cornell.edu


On Tue, 3 May 2016, Brandon Allbery wrote:

fs sa /path/to/whatever system:anyuser none

-----Original Message-----
From: openafs-info-ad...@openafs.org [mailto:openafs-info-ad...@openafs.org] On 
Behalf Of Steve Gaarder
Sent: Friday, March 4, 2016 10:05 AM
To: openafs-info@openafs.org
Subject: [OpenAFS] AFS in the age of the wild west internet

While I really like the concept of AFS as a world-wide filesystem, I'm starting 
to wonder if it's a good idea in the modern age of cyberattacks.
How safe is it to leave AFS open to the world?

Some of the data we store in AFS does not need to be accessed from outside of 
our network; is there a good way of blocking access to it from outside while 
preserving access to other data in the cell?

thanks,

Steve Gaarder
System Administrator, Dept of Mathematics Cornell University, Ithaca, NY, USA 
gaar...@math.cornell.edu _______________________________________________
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info
:??T????j)b?   b?өzpJ)ߢ?^??좸!????????????~????????????ا~??????ȧ~

RE: [OpenAFS] AFS in the age of the wild west internet

Reply via email to