Good morning!
I asked this of UK Grid Security, but got an auto-reply that he's out of
office till Jan 2020.
Dr Yves Coppens (was BHAM, now long gone) built original Bristol WLCG
site (2004), & as I inherited it from him, one of the things he'd
configured in building WLCG WN was:
# disallow malicious user jobs to create atjobs & crontabs
touch /etc/cron.allow
touch /etc/at.allow
I assumed that was part of some WLCG security "best practice" in WN
build/config. Does anyone know, is it still true (recommended if not
required for WLCG WN)?
If so, is there some WLCG WN build/config security "best practice"
checklist? (We're building a batch of new WN so think to check all the
things to-do)
I took a look at
https://www.gridpp.ac.uk/wiki/Security_Information
but didn't see anything (obvious) like this?
Grateful for anyone's advice!
########################################################################
To unsubscribe from the TB-SUPPORT list, click the following link:
https://www.jiscmail.ac.uk/cgi-bin/webadmin?SUBED1=TB-SUPPORT&A=1
|