Mailing List Archives

Authenticated access

 		[Computer Systems Lab]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [HTCondor-users] How to run jobs as root

Thanks all for the confirmation.


I too did find a lot of checks implemented in code to make sure things dont go back to root. Humm ... added a redirection over the components in my design ... :)

Will keep posting if I find anything concerning there.

Thanks all for a gr8 response.

Have a nice day!


Warm Regards,
Abhay Dandekar

On Mon, Nov 3, 2014 at 9:33 PM, Rich Pieri <ratinox@xxxxxxx> wrote:
On 11/3/14 10:53 AM, Zachary Miller wrote:
>Â Â3) Create a USER_JOB_WRAPPER that *CAREFULLY* checks to see if it's running
>Â Â Â as "croot" and uses a setuid executable to escalate to root priv before
>Â Â Â running the actual job.

I still maintain that reimplementation without the UID 0 requirement is
the best course. That said, using sudo is a much safer mechanism for
elevating privileges than using setuid binaries.

--
Rich Pieri <ratinox@xxxxxxx>
MIT Laboratory for Nuclear Science
_______________________________________________
HTCondor-users mailing list
To unsubscribe, send a message to htcondor-users-request@xxxxxxxxxxx with a
subject: Unsubscribe
You can also unsubscribe by visiting
https://lists.cs.wisc.edu/mailman/listinfo/htcondor-users

The archives can be found at:
https://lists.cs.wisc.edu/archive/htcondor-users/