[1063] in SIPB-AFS-requests
should we restrict rosebud login access?
daemon@ATHENA.MIT.EDU (Jonathan I. Kamens)
Tue Jul 27 17:26:28 1993
Date: Tue, 27 Jul 1993 17:26:21 -0400
From: "Jonathan I. Kamens" <jik@gza.com>
To: ckclark@mit.edu
Cc: sipb-afsreq@athena.mit.edu
In-Reply-To: <9307270755.AA02938@paris> (message from Calvin Clark on Tue, 27 Jul 93 03:55:56 -0400)
Date: Tue, 27 Jul 93 03:55:56 -0400
From: Calvin Clark <ckclark@MIT.EDU>
Now that I've restored rosebud to its previous state, it struck me that
since we have oliver, we no longer need rosebud as a build engine.
Therefore, we could restrict logins allow only kerberized and console
root logins. This would be better for cell security and reliability.
The last time I checked, oliver wasn't allowing people to log into it
remotely to do builds.
IF oliver lets people do remote Kerberos rlogin and rkinit, and IF the
binaries built on oliver will work on all of the RS/6000's in the
clusters, then I have no problem with removing rosebud's build-engine
status. Otherwise, it seems to me that it has to stay.
jik
