Hi,
NorthGrid is switching RGMA off until an official patch is sent around.
cheers
alessandra
--
********************************************
* Dr Alessandra Forti *
* Technical Coordinator - NorthGrid Tier2 *
* http://www.hep.man.ac.uk/u/aforti *
********************************************
---------- Forwarded message ----------
From: Ian Neilson <[log in to unmask]>
To:
"project-eu-egee-roc-security-coordination (Discussion of EGEE operational s
curity coordination issues)"
<[log in to unmask]>
Date: Mon, 28 Nov 2005 12:22:22 +0100
Subject: FW: Grid Security Advisory: R-GMA used to bypass site firewall controls
I believe you should have received this notice as registered security
contacts but, for your information below is a copy of a notice sent this
morning.
| Ian Neilson
| Grid Deployment Group, CERN
| Tel: +41(0)2276 74929 [Fax: 69294]
-----Original Message-----
From: Ian Neilson [mailto:[log in to unmask]]
Sent: 28 November 2005 11:48
To: Ian Neilson
Subject: Grid Security Advisory: R-GMA used to bypass site firewall
controls
Following recent public disclosure by Kostas Georgiou of Imperial
College
of previously unpublished exploits which could lead to the bypassing of
site firewall controls, the Grid Operations Team and Security Officer
recommend that sites switch off R-GMA until such time as an appropriate
fix can be put in place.
To do this you should log on to your MON box or the node running the
R-GMA servlets and run the following command.
/sbin/service tomcat5 stop
| Ian Neilson
| Grid Deployment Group, CERN
| Tel: +41(0)2276 74929 [Fax: 69294]
|