On 20/12/13 13:27, Ewan MacMahon wrote:
-----Original Message-----
From: GRIDPP2: Deployment and support of SRM and local storage management
[mailto:GRIDPP-[log in to unmask]] On Behalf Of Wahid Bhimji
Sent: 20 December 2013 13:15
ok - I wouldn't worry too much... there have been differing reports .. I
thought we had a discussion chain and convinced ourselves of something but
now I can't remember.
Anyway noone ever has anything secret.
I'm pretty sure we decided that it was OK.
I have to say, I've never been entirely convinced it was OK. If the VOs
were happy with world readable files, then various things could be
simplified.
Indeed - they never state publicly that its ok - but in practise they set directories world readable. Its one of my hopes that we accept that practise and therefore simplify the various things. Anyway
Having said that, it does seem the default for DPM sites - so the
problem is at the DPM level.
Is there a DPM problem? - did you try Ewans directory :
For me it seems to obey the permissions set
Wahid
Ben can check particular
files that he thinks are strange by just querying the permissions on
them, and checking that ones that appear to be 'world' readable are
actually set that way. Of course, in this case 'world' is still only
the set of people with recognised grid certs anyway.
When we were first tinkering with this at Oxford I set up a directory
of files with differing levels of access[1] with the permissions set
via the SRM interface, and the webdav front end seems to give the
appropriate behaviour. Indeed, IIRC, a file with no access permissions
was correctly inaccessible via webdav, but could actually be read by
the owner by via SRM.
Ewan
[1] It's here, if anyone would like to (attempt to) peruse it:
https://t2se01.physics.ox.ac.uk/dpm/physics.ox.ac.uk/home/gridpp/chris_test/
Chris
