On Fri, Nov 25, 2005 at 02:23:46PM +0100, Laurence Field wrote:
> The responsibility of security at a site ultimately lies with the site
> and ROC. A site is free to turn off any services it wishes to do so if
> it has any concerns over the security. However, in turning off the
> service, the site may no longer be usable.
>
> I think that we need to put this R-GMA vulnerability into perspective.
>
> As far as I am aware, there is no vulnerability with R-GMA that could
> lead to someone getting access to the node.
>
> The "vulnerability" is that there is no authorization in R-GMA. This
> means that anyone can view information in R-GMA. However, this is true
> for most grid information and monitoring systems right now.
>
> The second "vulnerability" is that anyone could publish information.
> Currently the only data used from R-GMA in LCG is:
> - GridFTP monitoring data
> - Job Status monitoring data
> - Job monitor for the Running Job
> - SFT monitoring
>
> Someone publishing bad information into these tables should not affect
> the operation of the critical services.
>
> There is a plan to turn on authorization within R-GMA but it requires a
> migration path.

A minor correction - you mean authentication rather than
authorization. The implementation of authorization in the code is
about 6 months away.

Steve