[Swift-devel] Re: latest Falkon code is in SVN!

Ioan Raicu iraicu at cs.uchicago.edu
Thu Sep 6 22:26:54 CDT 2007


You took my comment out of context.  I said:
> I would argue for having the default with no security enabled, 
> especially between workers and the service. 
So, again, this states that the default security level between service 
and workers be without any security... I think it is OK (maybe even 
preferred) to have the default security be enabled for the clients / 
Falkon provider.  I still don't understand why you are saying that no 
security implies "negligently broken", as that is what Condor and PBS do 
as well.  The only entities injecting work into Falkon are the clients 
(not the workers), and hence I agree that its important to protect 
against clients by adding some default security.  Not protecting against 
the workers might simply allow wholes in the system for denial of 
service attacks, but I don't see how arbitrary code from anyone could 
possibly be run if the single entry point into the service (the client 
interface) is protected.

I really don't care what you set the defaults to, my only point and 
argument was that I wanted to make things easiest on the end-users!

Ioan

Ben Clifford wrote:
> On Wed, 5 Sep 2007, Ioan Raicu wrote:
>
>   
>> I would argue for having the default with no security enabled
>>     
>
> Giving software out to users that by default allows any person anywhere on 
> the internet can execute arbitrary code as them seems negligently broken.
>
>   

-- 
============================================
Ioan Raicu
Ph.D. Student
============================================
Distributed Systems Laboratory
Computer Science Department
University of Chicago
1100 E. 58th Street, Ryerson Hall
Chicago, IL 60637
============================================
Email: iraicu at cs.uchicago.edu
Web:   http://www.cs.uchicago.edu/~iraicu
       http://dsl.cs.uchicago.edu/
============================================
============================================

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mcs.anl.gov/pipermail/swift-devel/attachments/20070906/f2fbcc1b/attachment.html>


More information about the Swift-devel mailing list