Subject: Re: [Condor-users] security concern of condor
Wang,
The outcome is that condor job can't view the file, but dangerously
it can delete the file from D drive!
Condor jobs by default run as a regular user account named
condor-reuse-vm1. This account is created by Condor and is explicitly
given membership to the local Users group, and to log in as Batch.
That's it. If a member of the Users group can delete a file that doesn't
belong to them, that's an issue with the security policy (or lack
thereof) imposed by the file system, not with Condor, is it not?
It'd be nice if Condor had some kernel driver that watched over all of
our I/O to make sure it doesn't try to touch things outside the Condor
sandbox, but for now, if your file permissions are too open, or you're
using FAT, it's your own fault. Am I missing something?
If you're still convinced that this is a security hole, send us the
output of 'cacls <filename>' so we can see what the permissions on the
file are.
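
An added example, not part of the original message or of Condor: a PowerShell check for the situation discussed above, where an account that cannot read a file can still delete it. It goes slightly beyond the message by also inspecting the parent directory, since NTFS allows a delete when the caller holds either Delete on the file or "delete child" on the containing folder. The path and identity are placeholders, and only ACEs that name the identity exactly are considered.

```powershell
# Added example. $Path and $Identity are placeholders (assumptions), not values from the thread.
param(
    [string]$Path     = 'D:\example.txt',
    [string]$Identity = 'BUILTIN\Users'   # the group the Condor job account is a member of
)

# Rights that ACEs naming $Who exactly grant on $Target itself.
# Simplifications: group nesting is not resolved, Deny is treated as overriding Allow,
# and generic rights bits (GENERIC_ALL and friends) are not expanded.
function Get-GrantedRights {
    param([string]$Target, [string]$Who)
    $allow = 0
    $deny  = 0
    $inheritOnly = [System.Security.AccessControl.PropagationFlags]::InheritOnly
    foreach ($ace in (Get-Acl -LiteralPath $Target).Access) {
        if ($ace.IdentityReference.Value -ne $Who) { continue }
        # Inherit-only ACEs apply to children, not to the object that carries them.
        if ($ace.PropagationFlags -band $inheritOnly) { continue }
        if ($ace.AccessControlType -eq 'Allow') {
            $allow = $allow -bor [int]$ace.FileSystemRights
        } else {
            $deny = $deny -bor [int]$ace.FileSystemRights
        }
    }
    return ($allow -band (-bnot $deny))
}

$full   = (Resolve-Path -LiteralPath $Path).Path
$root   = [System.IO.Path]::GetPathRoot($full)
$format = (New-Object System.IO.DriveInfo $root).DriveFormat

# FAT-family volumes carry no ACLs, so there is nothing to evaluate.
if ($format -match 'FAT') {
    Write-Output "$root is formatted as $format, which has no file permissions to enforce."
    return
}

$fsr         = [System.Security.AccessControl.FileSystemRights]
$delete      = [int]$fsr::Delete
$deleteChild = [int]$fsr::DeleteSubdirectoriesAndFiles
$parent      = Split-Path -Parent $full

[pscustomobject]@{
    File                  = $full
    Identity              = $Identity
    FileSystem            = $format
    DeleteGrantedOnFile   = ((Get-GrantedRights $full   $Identity) -band $delete) -ne 0
    DeleteChildOnParent   = ((Get-GrantedRights $parent $Identity) -band $deleteChild) -ne 0
}
```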