[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Condor-users] How can I prevent condor_status to provide info onthe pool PCs?

Ian Chesal wrote:
> Don't put condor_status on the machines. You'll want it to be available
> from a network location for debugging purposes but you don't need to
> putit on the machines running jobs.

This is a rather insecure solution. An evil person at a public library PC
may reinstall the condor_status executable and query the pool of PCs....

I was looking for a solution, which configures the central manager such that
it permits condor status queries *ONLY* to by the central manager itself.
I thought the HOSTALLOW_READ macro in the central manager's
config file would control this; but that does not seem to work.

Hence, is there then no way to configure the central manager in such
a way that it does not give the full pool information to all the pool PCs?