> This is quite disturbing.  The loose ACLs (i.e., free write access to  
 > all nodes in condor-hosts) were set because we are using that method  
 > for shared file system across multiple DNs of GLOW.  I put those  
 > directories on web for convenience long ago but I don't really need  
 > them now.  Your removing the link is just fine. It appears to me that  
 > the "attack" is from one of the condor-hosts as I believe we don't let  
 > the web server post files to our directories, do we?

No, we don't directly allow uploading files.

We are not the only group to have loose AFS ACLs exploited, btw.

steve
--