In some ways, Jon Buzzard's answer is correct. However, outside of GPFS consider: 1) It is certainly possible to provide a user-id that has at most read access to any files and devices. A user that cannot write any files on any device, but perhaps can view them with some applications on some display only devices.
2) Regardless of (1), I always say, much as Jon, "If you can read it, you can copy it!" Consider even in a secured facility on a secure, armored terminal with no means of electrical interfacing, subject to strip search, a spy can commit important secrets to memory. Or short of strip search, one can always transcribe (copy!) to paper, canvas, parchment, film, or photograph or otherwise "screen scrape" and copy an image and/or audio to any storage device. It has also been reported that spy agencies have devices that can screen scrape at a distance, by processing electro-magnetic signals (Radio, Microwave, ...) emanated from ordinary PCs, CRTs, and the like.
_______________________________________________ gpfsug-discuss mailing list gpfsug-discuss at spectrumscale.org http://gpfsug.org/mailman/listinfo/gpfsug-discuss
