[Lustre-devel] FW: security: MGS connection

Eric Barton eeb at sun.com
Wed Jun 4 06:06:07 PDT 2008

Any comments on the security issue mentioned below?

-----Original Message-----
From: Peter.Braam at Sun.COM [mailto:Peter.Braam at Sun.COM] 
Sent: 04 June 2008 3:03 AM
To: Eric Barton
Cc: Eric.Mei at Sun.COM
Subject: Re: security: MGS connection

Please forward to lustre-devel?

On 6/3/08 5:27 AM, "Eric Barton" <eeb at sun.com> wrote:

> Peter,
> I understand from Eric Mei that the connection to the MGS
> to obtain the filesystem configuration (including security) is
> itself never secured.  This seems like a defect to me.  Do you
> agree?  

Yes, but it needs to be secured with a static authentication associated with
the system, not with a particular user.  I don't know exactly how this
works, but it will be similar in spirit to a srvtab file that authenticates
a server to the KDC.

> I'm no expert, so I don't know whether generic node security
> configuration could/should be consulted to determine how to secure
> this initial MGS connection.  If not, do you think that allowing
> it to be specified in the lustre mount options is a good/sufficient
> solution?

Yes, like a pointer to a cookie file or similar.

Thanks for catching this.


>  It would be bad to give the impression the whole mount
> was secured if only the MGS connection was...
>     Cheers,
>               Eric

More information about the lustre-devel mailing list