[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

20000131: ADDE server issues (cont.)

Subject: 20000131: ADDE server issues (cont.)
Date: Mon, 31 Jan 2000 12:14:53 -0700

>From: "Guillory, Anthony" <address@hidden>
>Organization: NASA/MSFC
>Keywords: 200001311730.KAA02738 McIDAS ADDE accounting

Anthony,

>I'm going to show my limited knowledge of the interworking of Unix/McIDAS
>here.  But from what I remember we opted not to run the McIDAS accounting
>s/w because of security concerns and that's why we opted for the approach
>that we did (Unix Services deny/allow files - ok, I don't know the
>"official" names but you know what I mean).

I talked to my system administrator, and he said that the log messages
you sent along are from TCP wrappers.

>But you do have a point about
>the reverse name lookup.

The reason I mentioned this was that it is an important issue in our
LDM system also.

>I've seen that problem appear before but for other
>services - namely telnet and ftp.  Will check that one!!!!

I'll ask my sysadmin about this.  He will probably be able to answer this
off of the top of his head.

>And to mention
>another thing Tom brought out - once you have access to our server you have
>access to everything within ADDE there are no limitations other than
>read-only.

Right.  This is the problem I have with both use of TCP wrappers and
the SSEC ADDE McIDAS accounting system.  I think that the end user should
have very fine scale control over data set access.

>But I do understand Unidata concern about NLDN data, etc.  we
>have similar datasets that are not accessible.

It seems like every site that I talk to says the exact same thing.  There
is a general desire to allow just about everyone to get access to most
datasets, but there is also a great need to have the ability to deny access
to certain datasets on a case-by-case (even user-by-user) basis.

>Tom, I agree we (MSFC and Unidata) should talk about data (we have processor
>and disk limitations to consider on our end).

I understand completely.

>Unfortunately, I'll have to
>take a look at things a little later in the week.  Stay on my case!

Will do.  You have so much to offer our community that I will have to
maintain our dialogue.

>I have
>to get a talk ready for a Rotary Club talk tomorrow, so I'm kinda rushed at
>the moment.

Talk to you later...

Tom

Prev by Date: 20000131: ADDE server issues
Next by Date: 20000128: testing mcidas 7.604 (cont.)
Previous by thread: 20000131: ADDE server issues
Next by thread: 20000131: ADDE server issues (cont.)
Index(es):
- Date
- Thread