> -----Original Message-----
> From: GRIDPP2: Deployment and support of SRM and local storage management
> [mailto:[log in to unmask]] On Behalf Of Sam Skipsey
>
> Yeah, those directory paths are world-readable (see our other discussion
> in storage yesterday!) so I think anyone [with a cert?] should be able to
> read them, regardless of VOMS role/attributes.
>
There's a slight philosophical difference here in that all the other files are created by the VO and if they ask for world readable that's what they get, whereas we're creating this one for them. There's also a practical knock-on effect of that difference in that we could be setting more restrictive ACLs on dump files if we wanted.
So, the question for the VO is really what ACL do they want setting on these?
Ewan
|