Re: [Condor-users] SSL authentication problem

["Smith, Ian" <I.C.Smith@xxxxxxxxxxxxxxx>]

> -----Original Message-----
> From: condor-users-bounces@xxxxxxxxxxx [mailto:condor-users-
> bounces@xxxxxxxxxxx] On Behalf Of Pascal Jermini
> Sent: 04 June 2008 20:53
> To: condor-users@xxxxxxxxxxx
> Subject: Re: [Condor-users] SSL authentication problem
> 
> > > PS I'm still at loss to see what is stopping malicious users just
> > > copying
> > > the host cert elsewhere. Unless it can be made readable only by the
> > > Condor
> > > processes under Windows ??
> >
> > I believe that it can be.  Condor processes usually run as 'system' so
> > if you configure your permissions so that only 'system' and
> > administrators can access 'c:\condor\ssl', the users shouldn't be able
> > to access those files, but the Condor daemons should be able to.
> 
> I can confirm that it is indeed the case. In our case we modified the ACLs on
> the directory by removing all access to the "Everyone" built-in group, but
> leaving access to the Administrators group. This effectively avoids having
> users copying around SSL certificates.
> 
> We also have a similar setup under Linux, where the directory containing the
> certificates belongs to the "condor" user and group.
> 
> Pascal

Thanks for this. I'll need to contact our Windows people about implementing
it in a NAL. Incidently, if I've set up the central manager security correctly,
a malicious user with a copy of the cert could only set up rogue execution 
hosts with it (my main concern was rogue submit hosts). I imagine this is only
really a problem if Condor users' data is sensitive. 

-ian.