AFS solved the cross OS permission problem by throwing away OS permissions and handling permissions itself entirely. It's tightly integrated with kerberos for auth/encryption enabling trivial federation.<p>It also solved a lot of data locality/ discovery issues by using SRV records. You want to visit /afs/cmu.edu? No problem, client looks up the dns record then uses that to ask the volserver where the volume actually lives.<p>The openafs server implementation is single threaded unfortunately. However is a more performant proprietary implementation via auristor (it's not all bad as Jeff Altman has been involved in openafs for a long time).<p>If you don't want to install the openafs kernel module on all your clients, there is also a stripped down in-kernel Linux client, kafs.<p>You still run into it in the research/edu space although a lot of places now block outbound afs so you don't accidentally leak data.<p>I highly recommend checking out other software that came out of project Athena. It really was a special time in compute and had some really novel concepts.<p>Source: I've spent waaaay too much time dealing with AFS and kerberos.