[gpfsug-discuss] How can we give read access to GPFS data with restricting data copy.

Marc A Kaplan makaplan at us.ibm.com
Sat Nov 28 17:49:42 GMT 2015


In some ways, Jon Buzzard's answer is correct. 

However,  outside of GPFS consider:
1)  It is certainly possible to provide a user-id that has at most read 
access to any files and devices.  A user that cannot write any files on 
any device, but perhaps can view them with some applications on some 
display only devices.

2) Regardless of (1), I always say, much as Jon,  "If you can read it, you 
can copy it!"  Consider even in a secured facility on a secure, armored 
terminal with no means of electrical interfacing, subject to strip search, 
a spy can commit important secrets to memory. 

Or short of strip search, one can always transcribe (copy!) to paper, 
canvas, parchment, film, or photograph or otherwise "screen scrape" and 
copy an image and/or audio to any storage device.

It has also been reported that spy agencies have devices that can screen 
scrape at a distance, by processing electro-magnetic signals (Radio, 
Microwave, ...) emanated from ordinary PCs, CRTs, and the like. 





-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://gpfsug.org/pipermail/gpfsug-discuss_gpfsug.org/attachments/20151128/922a243e/attachment-0002.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/gif
Size: 21994 bytes
Desc: not available
URL: <http://gpfsug.org/pipermail/gpfsug-discuss_gpfsug.org/attachments/20151128/922a243e/attachment-0002.gif>


More information about the gpfsug-discuss mailing list