archive mirror
 help / color / mirror / Atom feed
* Re: [lustre-devel] o2iblnd/socklnd security
       [not found] <>
@ 2021-01-06  9:33 ` Degremont, Aurelien
  0 siblings, 0 replies; only message in thread
From: Degremont, Aurelien @ 2021-01-06  9:33 UTC (permalink / raw)
  To: Amir Shehata, Lustre Development List

[-- Attachment #1.1: Type: text/plain, Size: 1358 bytes --]

Based on my experience, people usually enforced privileged ports (this is default anyway, no?)
I only see complex setups where this could be a problem for admin, but what problem this option is causing to you?

You should probably send that to lustre-discuss if you want to have a simple survey of what people are using.

De : lustre-devel <> au nom de Amir Shehata <>
Date : mercredi 6 janvier 2021 à 00:18
À : Lustre Development List <>
Objet : [EXTERNAL] [lustre-devel] o2iblnd/socklnd security

CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you can confirm the sender and know the content is safe.


Currently o2iblnd has two parameters

use_privileged_port and require_privileged_port to control the port range to use. They control whether to use/accept a privileged port (1 -1023) or any port.

Similarly socklnd has a similar parameter: accept_type. If set to "all" then any port range is accepted otherwise, only a privileged port is accepted.

I'm trying to get a better idea of how these are being used on sites. And if so do sites value this level of control? IE do these parameters provide a level of security which is deemed valuable?


[-- Attachment #1.2: Type: text/html, Size: 5027 bytes --]

[-- Attachment #2: Type: text/plain, Size: 165 bytes --]

lustre-devel mailing list

^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2021-01-06  9:33 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
     [not found] <>
2021-01-06  9:33 ` [lustre-devel] o2iblnd/socklnd security Degremont, Aurelien

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).