[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Condor-users] condor 6.6.5 install problems

On Wed, Jun 30, 2004 at 05:07:00PM +0100, Kewley, J (John) wrote:
> > Condor is meant to be started and managed by root, so we have the
> > configuration file owned by root as well. 
> It is more practical for most of condor's management to be done by the
> condor
> user. We have 2 category of Linux m/c - personal workstation and server.
> Us mortals don't get access to run stuff as root on a server, so we have to
> have
> the sysadmin sit beside us :-)
> Personal workstation owners are even more protective of their machines!
> If I can install everything as root, and then do as much configuring as
> possible
> from another user, condor say, then there is less hassle all round.
> Further thoughts?

If Condor runs as root, allowing any user other than root to edit the
configuration file is a major security concern - if user 'condor' can
add entries to the DAEMON_LIST, for example, then user 'condor' can start
any process as root.