[ogsa-bes-wg] Re: [jsdl-wg] Questions and potential changes to JSDL, as seen from HPC Profile point-of-view
Andreas Savva
andreas.savva at jp.fujitsu.com
Tue Jun 13 01:09:48 CDT 2006
Comments inline.
Michel Drescher wrote:
> Donal K. Fellows wrote:
>> Marvin Theimer wrote:
>>> If we narrow the definitions of mountpoint and mountsource enough and
>>> precisely describe their semantics then we might arrive at something
>>> that could be fairly widely used. I’m thinking of things like saying
>>> that you can’t navigate “out” of a file system via “cd ..”, etc.
>>> This is definitely something to explore.
>>
>> Change "can't" to "shouldn't" and I'd agree. I don't regard the mount
>> stuff as being a way of describing security enforcement points. Systems
>> can do it that way, but at least some won't.
>
> +1 from me. In fact, I think this should be part of JSDL in a
> "maintenance release" sort of publication anyway.
-1 from me for adding this in JSDL. It is not a language issue. I do
think the HPC Profile should probably speak to this with respect to the
execution environment that a job should expect.
>
>> In fact, I'd be happy enough with the profile stating that paths in JSDL
>> documents should not contain either the "." or the ".." elements at all.
>> That's a fairly strong requirement and guarantees that the job won't
>> fail on systems where your style of semantics are enforced.
>
> Again, +1
> (and having it normatively mentioned in the JSDL publication)
>
I too see this is a profiling issue. I have no problem for the HPC
profile to make a stronger statement than the JSDL spec on this as a
security consideration.
So -1 from me for adding this in the JSDL spec normatively.
--
Andreas Savva
Fujitsu Laboratories Ltd
More information about the jsdl-wg
mailing list