Sorry to keep everyone waiting. I promise I'm working on a response to all your questions but it may be until tomorrow (at work) when I have all the answers. Until then,
Nick On Wed, Jun 24, 2009 at 9:30 PM, Sam Lang <[email protected]> wrote: > > On Jun 24, 2009, at 3:55 PM, Sam Lang wrote: > >> >> It sounds like your approach to eliminating security holes is with >> "security by obscurity". In other words, if the client (or some rogue >> process acting as a client) does not know that the interface is there, he >> can't abuse it. I don't think that's the right approach, especially since >> PVFS is completely open source, and anyone can just look at the code. >> > > Rob points out that I don't really know about your security approach, so my > above comments may not be entirely appropriate. I guess what I was trying > to say is that it wasn't clear to me from a security perspective that moving > batch_create to the server would be helpful for you. I'd be interested to > hear about your security approach though, and will refrain from making > comments about it until I have a better understanding of it. :-) > > In a different context, Phil and I have discussed the issue of the server > knowing the source of a request. It turns out this isn't an easy thing to > do, at least for BMI tcp. Phil has added some code to BMI tcp in a separate > branch that provides the functionality internally in BMI, and it shouldn't > be hard to export the info through a get_info call. Let us know if that's > something you're interested in! > > -sam > >
_______________________________________________ Pvfs2-developers mailing list [email protected] http://www.beowulf-underground.org/mailman/listinfo/pvfs2-developers
