[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Condor-users] How can I prevent condor_status to provide info onthe pool PCs?
- Date: Fri, 20 Feb 2009 16:40:26 -0800 (PST)
- From: Rob <spamrefuse@xxxxxxxxx>
- Subject: Re: [Condor-users] How can I prevent condor_status to provide info onthe pool PCs?
Ian Chesal wrote:
> Don't put condor_status on the machines. You'll want it to be available
> from a network location for debugging purposes but you don't need to
> putit on the machines running jobs.
This is a rather insecure solution. An evil person at a public library PC
may reinstall the condor_status executable and query the pool of PCs....
I was looking for a solution, which configures the central manager such that
it permits condor status queries *ONLY* to by the central manager itself.
I thought the HOSTALLOW_READ macro in the central manager's
config file would control this; but that does not seem to work.
Hence, is there then no way to configure the central manager in such
a way that it does not give the full pool information to all the pool PCs?