[AG-TECH] sever, roles & actions

Rosario Lombardo rosario.lombardo at isti.cnr.it
Thu Feb 16 03:40:39 CST 2006

Thanks Tom!
Now my problem is that after playing with those fancy actions... some 
people cannot anymore upload and/or start Shared Presentations...
unless I grant everything to everybody: not that fair.
Should I just copy from a clean server install the VenueServer.(cfg|dat) 

Could it be possible to tweak or reset, somehow, the config using the 
AGTk tools and infrastructure?


Thomas D. Uram wrote:
> Hello Rosario:
> A complete security policy would, as you say, employ an encrypted
> Venue and some changes to the roles/actions for a Venue.  We have,
> unfortunately, not clarified the changes that must be made to the
> actions list to prevent entry or access to critical data.
> Rather than do that, though, I'd recommend this:
> - Add the users you want to allow into the Venue to the AllowedEntry
> role.  This will allow these users into the Venue, and allow them to
> perform the actions that are, by default, allowed to venue users.
> - Unauthorize all actions for the Everybody role.  For a secure Venue,
> you don't need to allow random people to perform any actions whatsoever.
> If you want to make the Venue publicly accessible again later, you can
> again authorize the set of actions for the Everybody role.
> If you have more questions, please don't hesitate to ask.
> Tom Uram
> On 2/15/06 7:12 AM, Rosario Lombardo wrote:
>> Hello everybody,
>> in order to enforce a security policy for a Virtual Venue Server are 
>> required encrypted Venues and a some control over Actions and Roles 
>> (maybe something else?).
>> - Specifically, which set of actions (dis/)allow uploading and 
>> deleting files, starting/deleting SharedApp sessions, and similar 
>> simple tasks?
>> - More generally speaking, which set of actions are involved in a 
>> less simpler security policy dealing with various authorization 
>> classes (Roles)?
>> I had a look at the docs, API, and also to AGEP-0105.txt draft, but I 
>> can't find any single description of the dozens of actions, 
>> differently grouped in Server Security and Venue Security tabs.
>> Thanks,
>> \\Rosario
>> -- 
>> Rosario Lombardo
>> Information Science and Technology Institute (ISTI) - Cnr, Italy
>> rosario.lombardo at isti.cnr.it <mailto:rosario.lombardo at isti.cnr.it>   
>> *-*   http://hpc.isti.cnr.it/~lombardo 
>> <http://hpc.isti.cnr.it/%7Elombardo>
>> phone: +39 050-315-3076

More information about the ag-tech mailing list