'-auth-level 4' will require a successful gridmap lookup without performing the setuid.
Mike Gabriel Mateescu wrote:
Hello, While setting up a split GridFTP server, i.e., o front-end: control channel, runs as non-privileged user o back-end: data channel and IPC to front-end, runs as root I noticed the following limitation of the front-end server. When the front-end server runs as non-privileged user, one must disable authorization on the front-end server, i.e., set -auth-level 0(Alternatively, one must map all the DNs to the user running the front-end.)This is because, when doing authorization, the server performs two actions: (1) checks the DN against the grid map-file; (2) calls setuid()/setgid() to change the real ID to that defined in the grid map-file Now, step (2) is possible only when the process runs as root, or changes to the same ID. Therefore, (2) cannot be done when running the front-end as "globus". There seem to be two solutions to this problem: (a) Use sudo instead of setuid(), therefore allowing the user globus to change the ID; (b) Peform on the front-end only action (1) (check user DN) and delegate action (2) to the back end server. Are these or other solutions considered by the GridFTP team to allow the front-end server to perform authorization when running as a non-privileged user? Thank you. Gabriel
