[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [HTCondor-users] condor_ssh_to_job

On 2013-08-22 18:36, Rich Pieri wrote:
Dimitri Maziuk wrote:

The other is per-slot users. I'm not sure I buy the "trample over other
nobody's jobs' files" argument

It takes almost no effort. All a malicious user needs to do is submit a
job that runs on the same node as the victim's job. chroot jails do not
protect a process's address space or the process itself. If a process is
running as UID nobody then any other process running as UID nobody can
peruse and scribble on the first process's allocated memory.

Last I looked (not this century, admittedly), virtual address spaces were supposed to make that a bit harder than "almost no effort".

processes running as UID nobody can issue signals to the first process
causing it to crash or dump core or what have you.

Yes. But you'd have to know the PID. Or kill everything. For that latter one, there are easier ways to DOS a box.

I didn't say "I don't get it", I said "I'm not sure I buy it". ;)