The reason why OSCT does NOT inform sites to take further action is that
we want to know what exactly happened after the user has been informed
to stop his activities. Of course, individual site can make their own
decision how to handle this issue.
Yes, it is possible to blacklist a user on CE and gridFTP, but for SEs,
different SEs might use different access control mechanisms.
Regards,
Mingchao
> -----Original Message-----
> From: Testbed Support for GridPP member institutes
> [mailto:[log in to unmask]] On Behalf Of Alessandra Forti
> Sent: 07 November 2007 12:10
> To: [log in to unmask]
> Subject: Re: Heinz's data
>
> Yes, this is another problem. There is no security framework
> as such that works in the same way on every service.
>
> Greig Alan Cowan wrote:
> > I should add that I know one way of banning him from the SE is to
> > remove him from the grid-mapfile, but this will be
> recreated every few hours.
> > How do you actually blacklist him?
> >
> > On the CE there is a file /opt/edg/etc/lcas/ban_user.db, but this
> > doesn't exist on DPM/dCache nodes. For sites using dCache with
> > gPlazma, I think banning is possible.
> >
> > Greig
> >
> > On 07/11/07 11:50, Jensen, J (Jens) wrote:
> >> Can people please check whether Heinz Stockinger has
> written any data
> >> to their SEs.
> >> I would suggest blocking but not deleting it.
> >>
> >> Also, I recommend that you block access to the SEs for Heinz until
> >> further notice.
> >>
> >>> From other sites, it would appear he has a preference for classic
> >>> SEs, but it
> >> would be good to check anyway.
> >>
> >> --jens
> >
>
> --
> ***********************************
> * Alessandra Forti *
> * NorthGrid Technical Coordinator *
> * University of Manchester *
> ***********************************
>
|