 |
 |
One important comment,
if you don't enforce something like krb5 but you want to allow unix from remote (which is sort of very unsafe) you have to add the authdb mechanism and forbid root access from remote machines, otherwise everybody can act as root. I will add a rootsquash to the library (on monday) by default if it is remote access. It was actually not forseen for 'unix' authentication but kerberos or x509 where you don't really have a 'root' principal as you have in unix.
—
Reply to this email directly or view it on GitHub.
Use REPLY-ALL to reply to list
To unsubscribe from the XROOTD-DEV list, click the following link:
https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1