[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
20000131: ADDE server issues (cont.)
- Subject: 20000131: ADDE server issues (cont.)
- Date: Mon, 31 Jan 2000 12:14:53 -0700
>From: "Guillory, Anthony" <address@hidden>
>Organization: NASA/MSFC
>Keywords: 200001311730.KAA02738 McIDAS ADDE accounting
Anthony,
>I'm going to show my limited knowledge of the interworking of Unix/McIDAS
>here. But from what I remember we opted not to run the McIDAS accounting
>s/w because of security concerns and that's why we opted for the approach
>that we did (Unix Services deny/allow files - ok, I don't know the
>"official" names but you know what I mean).
I talked to my system administrator, and he said that the log messages
you sent along are from TCP wrappers.
>But you do have a point about
>the reverse name lookup.
The reason I mentioned this was that it is an important issue in our
LDM system also.
>I've seen that problem appear before but for other
>services - namely telnet and ftp. Will check that one!!!!
I'll ask my sysadmin about this. He will probably be able to answer this
off of the top of his head.
>And to mention
>another thing Tom brought out - once you have access to our server you have
>access to everything within ADDE there are no limitations other than
>read-only.
Right. This is the problem I have with both use of TCP wrappers and
the SSEC ADDE McIDAS accounting system. I think that the end user should
have very fine scale control over data set access.
>But I do understand Unidata concern about NLDN data, etc. we
>have similar datasets that are not accessible.
It seems like every site that I talk to says the exact same thing. There
is a general desire to allow just about everyone to get access to most
datasets, but there is also a great need to have the ability to deny access
to certain datasets on a case-by-case (even user-by-user) basis.
>Tom, I agree we (MSFC and Unidata) should talk about data (we have processor
>and disk limitations to consider on our end).
I understand completely.
>Unfortunately, I'll have to
>take a look at things a little later in the week. Stay on my case!
Will do. You have so much to offer our community that I will have to
maintain our dialogue.
>I have
>to get a talk ready for a Rotary Club talk tomorrow, so I'm kinda rushed at
>the moment.
Talk to you later...
Tom
