Original Savannah ticket 95746 reported by wildish on Thu Jun 28 05:49:30 2012.
Since the daily report contains the names of schema objects, it should not be made visible to the outside world. Currently it's readable by anyone, it should at least be protected by requiring a valid certificate or password (if we ever allow that again!).
This is not high priority because:
a) it's been like this for years, so the information is quite likely out there anyway
b) the PhEDEx schema, like the rest of the code, is available through anonymous CVS.
c) someone would still need access to an account with write privileges in order to do damage, and anyone with such access could look up the information directly from the database anyway.
Original Savannah ticket 95746 reported by wildish on Thu Jun 28 05:49:30 2012.
Since the daily report contains the names of schema objects, it should not be made visible to the outside world. Currently it's readable by anyone, it should at least be protected by requiring a valid certificate or password (if we ever allow that again!).
This is not high priority because: a) it's been like this for years, so the information is quite likely out there anyway b) the PhEDEx schema, like the rest of the code, is available through anonymous CVS. c) someone would still need access to an account with write privileges in order to do damage, and anyone with such access could look up the information directly from the database anyway.