[Pipet Devel] Re: Security model
J.W. Bizzaro
bizzaro at geoserve.net
Fri Apr 7 19:23:07 EDT 2000
jarl van katwijk wrote:
>
> The only problem with remote DL's is that the (local) root DL must know about
> that remote one in order to authoritized it.
Hmmm. So, DL do authorization, but the connection between remote DL's and the
local BL is direct?
> OK, so this means will will have a system that is like the unix user\group
> system,
> only groups have passwords too in VSH!
>
> group ~~ BL level (DL id & DL password give access to whole set of subnets
> and nodes that are childs of that DL)
> user ~~ DL level (??? id & ??? password give access to subset of the
> subnets and nodes that are childs of that DL)
I'm not sure I understand why group is BL level and user is DL level.
And, why would you have a group password? The reason Unix doesn't have group
passwords is because everyone must log in as a user anyway. Are you saying
someone can have group access without logging in as a user?
> Yeppo!
> The root DL will only be there to grant others access and do some very-very-very
> basic subnet processing.
> The most work will spawn out of other DL's.
Okay...I think I understand.
> No, they have access to the nodes created with THEIR DLid.
> And yes, this makes it possible to have multiple logins on the same DLid.
> To get access to another DL's nodes, use login 'level' (?) 2.
> We should therefor deside if it can be possible for a DL to login to another DL
> and to a BL at the same time. I didn't though about the consequences yet..
You mean in addition to logging into the root DL?
Cheers.
Jeff
--
+----------------------------------+
| J.W. Bizzaro |
| |
| http://bioinformatics.org/~jeff/ |
| |
| BIOINFORMATICS.ORG |
| The Open Lab |
| |
| http://bioinformatics.org/ |
+----------------------------------+
More information about the Pipet-Devel
mailing list