[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Condor-users] security problems with Condor 7.6.2



Dear All,

 

I’m trying to set up a new Condor central manager / submit host using v. 7.6.2 but I’m tearing my

hair out over a potential security hole. It seems that if I give ordinary users WRITE access so that

the can submit jobs then they are also capable of reconfiguring the Condor installation (bit of

a scary thought !) and there seems to be no way of preventing them from doing this without

preventing them from submitting jobs (Catch 22).

 

In my condor_config I have

 

SEC_DEFAULT_AUTHENTICATION=REQUIRED

SEC_DEFAULT_AUTHENTICATION_METHODS=FS

 

CONDOR_USERS = smithic@xxxxxxxxxxxxxxx/ulgp5.liv.ac.uk

ADMIN_USERS  = condor@xxxxxxxxxxxxxxx/ulgp5.liv.ac.uk

 

ALLOW_WRITE =  $(CONDOR_USERS), $(ADMIN_USERS)

ALLOW_ADMINISTRATOR = $(ADMIN_USERS)

ALLOW_DAEMON = $(ADMIN_USERS)

ALLOW_CONFIG = $(ADMIN_USERS)

 

(I’ve not put in the execute hosts yet – I’m trying to keep it simple to begin with).

 

When I do a condor_reconfig as a non-admin user I get see this in MasterLog

 

PERMISSION GRANTED to smithic@xxxxxxxxxxxxxxx from host 138.253.100.17

for command 60012 (DC_RECONFIG_FULL), access level WRITE: reason:

WRITE authorization policy allows IP address 138.253.100.17; identifiers used for this remote host:

138.253.100.17,ulgp5.liv.ac.uk,ulgp5

 

It seems as if the host based authorization is taking precedence over the user based authorization.

I’m wondering if this is something to do with the move to drop/discourage the use of HOSTALLOW_*

 

Any help with this would be extremely useful as I’ve been stuck on this for a week now.

 

Many thanks,

 

-ian.

....

 

Advanced Research Computing,

University of Liverpool, UK.

 

PS I’m using Scientific Linux 6.1 on an x86_64 Dell server.