Mailing List Archives Authenticated access	UW Madison Computer Sciences Department Computer Systems Lab

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Condor-users] security problems with Condor 7.6.2

Date: Tue, 16 Aug 2011 15:00:23 +0000
From: "Smith, Ian" <I.C.Smith@xxxxxxxxxxxxxxx>
Subject: Re: [Condor-users] security problems with Condor 7.6.2

-----Original Message-----
From: condor-users-bounces@xxxxxxxxxxx [mailto:condor-users-bounces@xxxxxxxxxxx] On Behalf Of Zachary Miller
Sent: 16 August 2011 13:57
To: Condor-Users Mail List
Subject: Re: [Condor-users] security problems with Condor 7.6.2

> An unprivileged user copies the system condor_config file and now has write
> access to their own copy.
> 
> They then edit their own copy to their lliking, point their CONDOR_CONFIG
> environment variable at it and issue a condor_reconfig.
> 
> Would this not change the system configuration ?

it would not change it.  when the condor_master receives the reconfig command,
the user's environment variable has no impact on the condor_master, and it
reads the condor_config from the same place it did before.  its environment is
separate from an arbitrary user's.

Thanks ! I'll sleep much sounder knowing that.

All the best

-ian.

References:
- [Condor-users] security problems with Condor 7.6.2
  - From: Smith, Ian
- Re: [Condor-users] security problems with Condor 7.6.2
  - From: Dan Bradley
- Re: [Condor-users] security problems with Condor 7.6.2
  - From: Smith, Ian
- Re: [Condor-users] security problems with Condor 7.6.2
  - From: Zachary Miller

Prev by Date: Re: [Condor-users] Machine ranking
Next by Date: Re: [Condor-users] Max number of nodes on a condor cluster
Previous by thread: Re: [Condor-users] security problems with Condor 7.6.2
Next by thread: [Condor-users] kill or pause a condor job as normal user
Index(es):
- Date
- Thread

Mailing List Archives

Authenticated access

Re: [Condor-users] security problems with Condor 7.6.2