Changes between Version 23 and Version 24 of RemoteJob


Ignore:
Timestamp:
Feb 23, 2011, 6:50:50 AM (13 years ago)
Author:
tonig
Comment:

security

Legend:

Unmodified
Added
Removed
Modified

  • RemoteJob

    v23 v24  
    7979 * Customize the WU and result template files, as directed below. This will RBoinc-enable Boinc ''applications'' of your choice.
    8080 * If desired, install the SQL stored procedures (monitoring components).
     81
     82
     83=== Security considerations ===
     84
     85Servers and scientist's workstation should be on
     86the same intranet and the RBoinc server ports should be firewalled. RBoinc is not meant
     87to be exposed to the Internet. It should be however easy
     88to modify the software to implement the two following protection mechanisms:
     89
     90 * Generic access control, i.e. only allowing authorized users to upload files to the DAV server. This is achieved by setting an access list to the WebDAV directory, with one entry per user. The rboinc clients should then use HTTP-based authentication to gain access to it.
     91 * Scientist isolation. Currently, scientists can use the "-user" parameter to impersonate each other and work on a shared project. If this is not desired, the client should send a per-user authentication token (ideally the usual BOINC authenticator), and the rboinc server should check this against the requested group.
    8192
    8293
     
    298309
    299310
    300 (Many thanks to B.D.).
     311(Many thanks to Boris Dayma).