
Re: [Condor-users] is condor open source?



On 4/11/07, o c <send_junk_here_10101@xxxxxxxxxxx> wrote:
Great stuff - thank you Dan for clearing that up. Hope
you didn't take offence at being named in my original
post.

I don't mean to twist your words but is it fair to say
that the security issue means you've been relying on
"Security through obscurity"?

Given that some institutions have been issued code,
does that put those who have not at a disadvantage?

I would think that the reason is simply that:

1) Any time you make something public people will start to rely in
some way on that.
2) The changes required for security alterations will be far reaching
- just look at the 6.9.2 addition of a separate daemon under the hood.

This will lead to two main problems:
1) Until privilege separation is well defined the acceptance of
patches would be an onerous task for the Condor team to prevent
intended or unintended security issues being included.
2) Acceptance of patches will be onerous as the code is heavily
refactored but no public cvs* access is available to make this easier.

I find very few open source projects work if there is a significant
barrier to users' contributions making it back into the tree. Look at
the effort expended by people to get their changes in the main trunk
of Linux...

Until Condor's source and development infrastructure can handle this
(and remember a vast amount of their funding will come from targeted
grants which are looking for a particular feature) I think simply
dumping the source to the world would be a bad idea if it compromised
getting a decent OSS solution further down the line.

The team have shown that they are amenable to including the users in
decisions where appropriate and accepting input... If you have some, I
suggest you talk to the team.

Matt

* source control of your choice