[saga-rg] Re: comment on SAGA strawman doc.
John Shalf
jshalf at lbl.gov
Fri Jul 29 12:47:33 CDT 2005
On Jul 27, 2005, at 2:37 AM, Thilo Kielmann wrote:
> All,
>
>> since we have not approached ACLs yet, and since I am not
>> really knowladgable about security, I have no answer.
>
>>> if you issue a copy command and the source is not owned by you but
>>> you have read permission (say through ACLs). and it is a recursive
>>> copy;
>>> how do you propagate permission information to the target? do you
>>> make
>>> everything owned by the person whe issues the copy (which may be a
>>> service!)
>>> or do you copy the ACLs and the permissions along with the file (ie
>>> metadata
>>> copy)? how do you make sure that the same users exist then on the
>>> target
>>> site?
>
> IMHO, there is only one sensible solution: the new owner of the copy
> determines access control to the newly created file. That should be a
> policy decision local to the target site.
>
> However, controling this from the SAGA API may be 'interesting'.
> So, should there be some kind of property determining access control
> for files and directories to be created?
> (I am afraid, we are stressing the "S" for simplicity if we are
> working towards a comprehensive solution...)
>
> Any thoughts?
My current thought on this is that file permissions management is a
serious problem and it is quite unfortunate that it has been mostly
overlooked in much of the current grid middleware. I can move files,
but I can't use the same interface that I used to move the files around
to manage the permissions on said files. Its something that I've
complained about for years to no avail. This deficiency has led to a
number of significant problems in many collaboratory projects, but I
haven't seen it adequately addressed by any "completed" or "deployed"
standard as of yet. Am I missing something or is there a group that is
working on solving this problem as I speak? (I don't know because DOE
doesn't let me go to grid meetings anymore)
So getting back to SAGA, while I think that permissions management is
an important and oft-neglected aspect of distributed file access
middleware, I don't actually see any "standard" solutions to the
problem. Since SAGA is supposed to be an API standardization rather
than trying to write a "new grid" or fix any deficiencies in current
middleware, the proper approach is to not attempt to address this issue
until we see more middleware implementations that actually implement
this feature. For the time being, its probably best to use the
convention that Thilo mentions above because its pretty much what we
are doing currently with grid file movers. This is kind of sad as far
as solutions are concerned, but its probably good to set aside
standardization of features in SAGA that are not already apparent in
mainstream grid software implementations.
-john
More information about the saga-rg
mailing list