Mailing List Archives Public Access	UW Madison Computer Sciences Department Computer Systems Lab

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Condor-users] Condor WS BirdBath security questions

Date: Fri, 1 Sep 2006 11:29:29 -0500
From: Erik Paulson <epaulson@xxxxxxxxxxx>
Subject: Re: [Condor-users] Condor WS BirdBath security questions

On Mon, Aug 21, 2006 at 03:57:21PM +0100, Nathan Harmston wrote:
> Hi,
> 
> In order to use the Condor WS (BirdBath), it must be configured that Condor
> allows anonymous users to submit jobs. This of course to my departments
> SysAdmin seems very insecure. The problem occurs during the creation of a
> cluster for submission of a job and then when u submit a job, you only need
> a username (which doesnt map to an allowed user of the pool?),
> letsthrashtheharddrive.sh springs to mind.
> 
> Is there anyway to work around this and force Condor to authenicate users
> through the webservices interface ?
> Are there any plans to implement better security functionality in BirdBath
> anytime soon?

As of 6.7.20 the SOAP interface supports and prefers HTTPS, so you can get
strong authentication of users. In 6.8.0, you have to go out of your way 
to enable anonymous users, they're off by default.

-Erik

References:
- [Condor-users] Condor WS BirdBath security questions
  - From: Nathan Harmston

Prev by Date: Re: [Condor-users] kerberos auth problems...
Next by Date: Re: [Condor-users] Restrict pool to a single submit machine
Previous by thread: [Condor-users] Condor WS BirdBath security questions
Next by thread: Re: [Condor-users] Restrict pool to a single submit machine
Index(es):
- Date
- Thread

Mailing List Archives

Public Access

Re: [Condor-users] Condor WS BirdBath security questions