Rayson Ho <[email protected]> writes: > That's the main reason people switch on CSP mode, I guess. But there > are other features in CSP mode that are not available in MUNGE or the > privileged port mode - eg. encrypted daemon communication, and > blocking all users without certificates from accessing Grid Engine.
You could use MUNGE to do the same authorization thing. An encrypted channel is good, but some way down the list of security desiderata, I'd have thought. > If you have access to to the physical wire, then both MUNGE and > privileged ports are not good enough, as one can replay the network > packets $ cred=$(munge </dev/null) $ echo -n "$cred" | unmunge | head -n 1 STATUS: Success (0) $ echo -n "$cred" | unmunge | head -n 1 STATUS: Replayed credential (17) -- Community Grid Engine: http://arc.liv.ac.uk/SGE/ _______________________________________________ users mailing list [email protected] https://gridengine.org/mailman/listinfo/users
