Also blocked at IFCA where I also found this files.
About avoiding this kind of actuations, I don't know how to act fairly. In fact when you issue or get a certificate, there are a set of impplied responsibilities that both issuer/issued accept. You can not avoid users writing to your disk, and I don't have physical time (besides I don't want) to check everything that is on our hard disks. This sounds complicated anyway.
Dani
----- Original Message -----
From: Jeff Templon <[log in to unmask]>
Date: Monday, June 13, 2005 7:51 pm
Subject: Re: [LCG-ROLLOUT] How to blacklist a certificate at site level ??
> User blocked at NIKHEF awaiting further instructions.
>
> Maarten Litmaath wrote:
>
> > Steve Traylen wrote:
> >
> >> On Mon, Jun 13, 2005 at 04:49:31PM +0100 or thereabouts, owen
> maroney
> >> wrote:
> >>
> >>> Hi,
> >>>
> >>> Hmm.
> >>>
> >>> Just checked the CE here and found that at 12:43 today someone
> >>> copied ssh keys into ~/.ssh
> >>>
> >>> This seems fairly clearly an abuse of someones certificate.
> >>>
> >>> I am entirely happen to 'name' this person. I suggest other
> sites
> >>> may want to check ls -latrh /home/*/.ssh
> >>
> >>
> >>
> >> I don't think this user was doing anything that bad and was not
> in
> >> anyway exploiting anything that has not already been known
> about for
> >> ages. Don't give him a hard time. He just wanted to run jobs
> and was
> >> making use of what he could do.
> >
> >
> > Er? A "dteam" user is only supposed to run test jobs!
> > Chances are his account/cert was hacked, so I vote for blocking
> the user.
>
|