jaharkes_at_cs.cmu.edu wrote:
> 
> braam_at_cs.cmu.edu said:
> | So you want a sticky bit on the directory.  Not a bad idea - this is
> | also quite desirable for email spool directories etc.  This is one of
> | the main problems of the AFS/Coda security model.  Where it tries to
> | diverge from Unix it runs into trouble in system directories like
> | "mail", "/tmp" etc. where sticky bits are used.  But it is pretty easy
> | to change Coda a little bit and perfectly acceptable, to accomodate
> | this.
> 
> I do not think it is such a hot idea, it encourages write-write sharing
> in the same volume. And any conflict (which anyone can now create) will
> deny access to that volume for all other users.

A file system that can't support this is broken. (see the "." at the
end.)

If there is a risk of conflicts then we need to add a flag that
disallows use when the connection fails or has a last reintegrator wins
policy.  Clearly we can't always live with the risk of conflicts, these
things need fixing. 

> 
> Also, the client does NOT now it's venus UID, even though it has a
> token, it can only see the cleartext part, but has no way of validating
> it. I found this out when working on the hoard stuff.

??? When does this apply? vuid is used in permission checking.  Is this
during disconnection?

- Peter -