Permission/Security

Augie_Henriques · October 27, 2000, 4:49pm

Hi.

In a multi QNX 4 node system.

Does any one know of a way to prevent file access from one node to another.
It seems root from any node can mess around on any of the other nodes.

In our research projects we will have several different groups (different
companies) networked together. Some of the groups do not wish to shared
information.

Thanks

Augie

Mario_Charest1 · October 27, 2000, 5:19pm

The only way I know is to have each network group go through a TCP ip
gateway, so then only TCP/IP is use to communicated between nework groups.

When using fleet one can prevent inbound access to a machine, but that
prevents it from ALL machines.

“Augie Henriques” <augieh@scieng.com> wrote in message
news:8tccs5$grb$1@inn.qnx.com…

Hi.

In a multi QNX 4 node system.

Does any one know of a way to prevent file access from one node to
another.
It seems root from any node can mess around on any of the other nodes.

In our research projects we will have several different groups (different
companies) networked together. Some of the groups do not wish to shared
information.

Thanks

Augie

David_Gibbs1 · October 27, 2000, 5:38pm

Augie Henriques <augieh@scieng.com> wrote:

Hi.

In a multi QNX 4 node system.

Does any one know of a way to prevent file access from one node to another.
It seems root from any node can mess around on any of the other nodes.

Yes, root can. When thinking about a QNX 4 FLEET network, it is a useful
model to think of the entire network as a single large computer distributed
over multiple CPUs.

In our research projects we will have several different groups (different
companies) networked together. Some of the groups do not wish to shared
information.

Have the people who don’t want to share use their own QNX network, seperate
netmaps that don’t have the licenses or MAC address information to allow
them to see (or respond) to any nodes outside their own group. If you
need some connectivity between the different groups, use TCP/IP.

-David

Bill_at_Sierra_Desig · October 27, 2000, 7:08pm

The thing that you have to remember is that QNX4 fleet mimicks a “Single
Image Computer” that just so happens to be implemented on many different
CPU’s. So all of the computers in your QNX 4 network are designed to behave
as if they are really one big computer.

Use Mario advise and use TCP/IP networking instead on fleet. Then you can
provide cross computer security.

Mario Charest <mcz@videotron.ca> wrote in message
news:8tcdb8$h2f$1@inn.qnx.com…

The only way I know is to have each network group go through a TCP ip
gateway, so then only TCP/IP is use to communicated between nework groups.

When using fleet one can prevent inbound access to a machine, but that
prevents it from ALL machines.

“Augie Henriques” <> augieh@scieng.com> > wrote in message
news:8tccs5$grb$> 1@inn.qnx.com> …
Hi.

In a multi QNX 4 node system.

Does any one know of a way to prevent file access from one node to
another.
It seems root from any node can mess around on any of the other nodes.

In our research projects we will have several different groups
(different
companies) networked together. Some of the groups do not wish to shared
information.

Thanks

Augie
\