[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Condor-users] CONDOR Windows Client Security


We are currently setting up a Condor Grid to utilise the spare capacity
of our staff and student PCs and the question of security has been

Does anyone know if it is possible to submit a Condor job that can, for
instance, access (read, write, modify) the various user folders under
'documents and settings' or other secure folders?

I understand that the Condor service runs using the local system account
and this obviously has elevated privileges.  I have also come across the
dynamically created account 'condor-reuse-vm1' (it is shown as disabled)
which is a member of the local users group - is this the account that
Condor actually uses to run jobs locally??

Is it possible for a Condor job to perhaps add the 'condor-reuse-vm1'
user account to the local admin group and then obviously be potentially
able to access all folders and files?

We are guessing not, but it would be good to have a definitive answer on
this and thus put our users minds at rest.

Many thanks in advance.


Gregory Regan
Principal Computing Officer
University of Plymouth
Drake Circus

Tel: 01752 233930
Fax: 01752 233839
Mob: 07974 248036

E-mail: gregory.regan@xxxxxxxxxxxxxx