On Mon, Mar 07, 2005 at 04:31:32PM +0000, owen maroney wrote:
>
> service seemed secure. A gsiftp server, allowing users to upload files
> to the CE, can be particularly dangerous in this regard (just get the
> file permissions wrong in exactly the right place...)
Keep in mind that globus-job-run could also be used in a malicious way
on your CE (and perhaps is more dangerous than gsiftp), so I doubt if by
disabling globus-gridftp on the CE you are actually increasing its
security.
Futhermore I have the suspicion that the following monitor
uses globus-url-copy and will not function if globus-gridftp is disabled
on the CEs:
http://goc.grid-support.ac.uk/gppmonWorld/cert_maps/CE.html
--
Kyriakos Ginis, PhD Candidate
Software Engineering Laboratory
National Technical University of Athens
|