[Beowulf] Re: "hobbyists"

Joe Landman landman at scalableinformatics.com
Thu Jun 19 17:33:40 PDT 2008


Kilian CAVALOTTI wrote:
> On Thursday 19 June 2008 05:08:43 pm Joe Landman wrote:
>> SElinux and Apparmor try to limit the damage
>> even in a secure setting, though I am not sure how well they do
>> there.
> 
> If you want/need to use things like Lustre, for instance, you can forgot 
> about SELinux and AppArmor, it simply doesn't work.

In the Lustre release notes:

	"Do not laugh in the presence of Lustre, for it is
	 subtle and quick to anger".

(for those who aren't sure, this is an attempt at humor ... no need to 
skewer me over "anti-Lustre" comments ...)

> 
> Isn't it a common practice in HPC to keep security rules relatively 
> relaxed *inside* a cluster (passwordless logins between compute nodes 
> for instance), whilst trying to harden the links to the external world?

Yes.  Leave the window wide open while bolting the door tight ...  :(

> 
> I mean, most of the scientific applications haven't precisely been 
> designed with security as their first concern, have they?

I would be happy if they had better code than

	if (!(fdopen( ... )) {
	   printf "I died\n";
	   exit(-1);
	}



> 
> Cheers


-- 
Joseph Landman, Ph.D
Founder and CEO
Scalable Informatics LLC,
email: landman at scalableinformatics.com
web  : http://www.scalableinformatics.com
        http://jackrabbit.scalableinformatics.com
phone: +1 734 786 8423
fax  : +1 866 888 3112
cell : +1 734 612 4615



More information about the Beowulf mailing list