Scenario:
 * GT 3.9.3 server running as a 'globus' user, providing GRAM services.
 * Authorised client that is mapped to a local 'client' account.

The GRAM server, during the setup for a job, writes a description file
/tmp/gram_job_mgrNNNNN as the 'globus' user.  This file is then read by a
process running as the 'client' user, which then parses it and follows the
instructions contained within.  

However, the GT server does not alter the permissions on this temporary file
after it has created it; thus, if the server is running under a sufficiently
restrictive umask the 'client' user will be unable to read the contents and the
job execution will fail with a generic "The job manager detected an invalid
script response" error.

One workaround for this problem is to run the server process with a more
permissive umask.

Ideally, the Globus server should be modified to either:
 - explicitly update the permissions on the temporary file after it has been
written, or 
 - throw a warning when started under a too-restrictive umask and give a more
specific error on job failure.

The former is obviously preferable.

FYI, the relevant bundle appears to be "globus_wsrf_gram_service_java-src" and
the call to create the temporary file can be found in the constructor of
src/org/globus/exec/service/job/jobmanager/JobManagerScript.java on line 101:

      this.descriptionFile = File.createTempFile("gram_job_mgr", null);

Cheers,
David