Eric Fede a écrit :
> Hi
>
> Dr D J Colling wrote:
>
>> Hi Dave,
>>
>> I do see your point.
>> Just a couple of points.
>>
>> 1. Of course anybody could perform the DoS attack you suggest, but
>> you would know who they were as their DN would be logged as they
>> would have gone through the same level of security as anybody running
>> in the batch queue.
>>
>>
> Not really, somebody running a job on a WN ( via batch queue) can only
> overload the WN, if somebody overload the gatekeeper, all the grid
> node shutdown.
> The level of security inside the hosts which provide the grids
> services have to be higher
Yes.
And for our site we use our own job manager, and we have
many protections on the WNs that come with it (i.e. ressources
limits for jobs, many monitoring tools that can detect some
bad behaviours...), in particular the fact that a ill nodes are
automaticaly ejected from the valid nodes.
These protections are not all activated on the CE as it would
react badly with the LCG stuff.
So a evil job (or simply a very-bad-writen job) will only destroy
a few nodes, not the CE.
--
Yannick Perret
|