>
> Plus the more services you have, open to the wide world, the more chance
> you have that some combination of services (plus their potential
> mis-configuration) blows a hole in the security, when each individual
> service seemed secure. A gsiftp server, allowing users to upload files
> to the CE, can be particularly dangerous in this regard (just get the
> file permissions wrong in exactly the right place...)
>
Unfortunately this can be the case with many services.
But I guess in this case we need the gridftp for now.
Flavia
> There's good reasons why sysadmins don't like running excess services...
>
> --
> =======================================================
> Dr O J E Maroney # London Tier 2 Technical Co-ordinator
>
> Tel. (+44)20 759 47802
>
> Imperial College London
> High Energy Physics Department
> The Blackett Laboratory
> Prince Consort Road, London, SW7 2BW
> ====================================
|