On Tue, Oct 18, 2005 at 12:31:01PM +0100, Burke, S (Stephen) wrote:
> Testbed Support for GridPP member institutes
> > [mailto:[log in to unmask]] On Behalf Of Kostas Georgiou said:
> > I can't see any security problems (provided that the clean up
> > really works).
>
> [...]
>
> > I can't really see what the advantages are for this model, I
> > am sure there
> > is a reason behind the suggestion but at the moment I can't
> > imagine anything.
>
> One advantage is precisely that it makes the clean-up a lot easier. At
> the moment you can't clean an account after a job ends because there may
> be another job (or many others) running under the same account. With a
> new account for every job you can safely delete all processes and files
> owned by that uid when the job ends.
>
> It might also make security tracking better, at least for some things
> you could pin down exactly which job did something.

This is interesting, and yes, it will make it a lot easier to clean up after
jobs. I wonder how it is going to work with gsiftp connections to the CE, though.
Do you get a new pool account for it? Do you get a random mapping from one
of your job-allocated ones?

One of the reasons that we have pool accounts disabled is that someone can
open a gsiftp connection with a client like uberftp, keep it active until
the account is recycled, wait until the account is mapped to someone else,
and then you can have some fun.

Cheers,
Kostas

PS> I find it funny that we are probably going to end up with more pool accounts
than users :)
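
The concern raised in this message, a session that outlives its job and is still alive when the account is recycled, can be guarded against with a check before an account goes back into the pool. The following is an added example, not part of the original message or of any grid middleware: it assumes a leftover session shows up as a process running under the pool account's uid, and the account names, uids and `ps` sample are constructed.

```python
"""Pre-recycle guard for pool accounts (added example; all names hypothetical)."""

# Constructed sample of `ps -eo pid,uid,comm` output; not from a real CE.
SAMPLE_PS = """\
  PID   UID COMMAND
    1     0 init
 2301 40001 job_wrapper
 2302 40001 python
 2817 40002 ftp_server
 3120     0 sshd
"""

# Hypothetical pool: account name -> uid, plus accounts whose job has ended.
POOL = {"pool001": 40001, "pool002": 40002, "pool003": 40003}
FINISHED = ["pool002", "pool003"]


def processes_by_uid(ps_text):
    """Parse ps output into {uid: [(pid, command), ...]}."""
    owned = {}
    for line in ps_text.splitlines()[1:]:  # skip the header row
        fields = line.split(None, 2)
        if len(fields) != 3:
            continue  # ignore malformed or blank lines
        pid, uid, comm = int(fields[0]), int(fields[1]), fields[2].strip()
        owned.setdefault(uid, []).append((pid, comm))
    return owned


def recycle_plan(pool, finished, ps_text):
    """Split finished accounts into safe-to-recycle and blocked.

    An account is blocked while any process still runs under its uid,
    for example a file-transfer session left open after the job ended.
    """
    owned = processes_by_uid(ps_text)
    safe, blocked = [], {}
    for name in finished:
        leftover = owned.get(pool[name], [])
        if leftover:
            blocked[name] = leftover  # must be terminated before remapping
        else:
            safe.append(name)
    return safe, blocked


if __name__ == "__main__":
    safe, blocked = recycle_plan(POOL, FINISHED, SAMPLE_PS)
    print("safe to recycle:", safe)
    for name, procs in blocked.items():
        print("blocked:", name, procs)
```

A blocked account stays out of the pool until its remaining processes are gone; only then is it safe to map it to another user.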