[GE users] SGE authentication

Rayson Ho raysonho at eseenet.com
Tue Apr 13 03:16:21 BST 2004


    [ The following text is in the "iso-8859-1" character set. ]
    [ Your display is set for the "ISO-8859-10" character set.  ]
    [ Some special characters may be displayed incorrectly. ]

BTW, the SGE 5.3 release notes says that SSL is supported (if I remember
correctly), but source/security/security.html says that SSL security is a
work in progress... may be the doc needs to be updated??

Rayson


>Better yet, use CSP which uses PKI to validate users.  Due to the way it
>operates, it still assumes the filesystem is secure, but doesn't require
>that you trust every host on the network.
>
>Without either of these features (or kerberos support) enabled, SGE will
>allow anyone to run jobs as anyone else if they fake up a client or use
>a normal client with the right tricks (think port forwarding).  The
>default mode is actually worse then rsh.
>
>It would be nice if the GSSAPI support were expanded to include GSI
>support.  That would be really useful in grid enabled shops.
>
>-- Brooks
>
---------------------------------------------------------
Get your FREE E-mail account at http://www.eseenet.com !

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe at gridengine.sunsource.net
For additional commands, e-mail: users-help at gridengine.sunsource.net




More information about the gridengine-users mailing list