Mailing List ArchivesPublic Access |
![[Computer Systems Lab]](https://www-auth.cs.wisc.edu/pics/csl_logo.gif){kind=logo}
|
Mailing List ArchivesPublic Access |
|
|
Hi,
Where can I find more information on the "potential security implications" mentioned in the manual
on ENABLE_RUNTIME_CONFIG (see below)?
What do admins have to do in order to eliminate this vulnerability?
Would it be enough to set up a SSL connection between central server and execute nodes?
ENABLE_RUNTIME_CONFIG The condor_config_val tool has an option -rset for dynamically setting run time configuration values, and which only affect the in-memory configuration variables. Because of the potential security implications of this feature, by default, HTCondor daemons will not honor these requests. To use this functionality, HTCondor administrators must specifically enable it by setting ENABLE_RUNTIME_CONFIG to True, and specify what configuration variables can be changed using the SETTABLE_ATTRS... family of configuration options. Defaults to False. Regards, Lukas --
Lukas Koschmieder Steel Institute IEHK RWTH Aachen University Intzestraße 1 52072 Aachen Germany Tel: +49 (0)241 80 95823 Fax: +49 (0)241 80 92253 lukas.koschmieder@xxxxxxxxxxxxxxxxxxx lukas.koschmieder@xxxxxxxxxxxxxxxxxxx lukas.koschmieder@xxxxxxxxxxxxxx http://www.iehk.rwth-aachen.de http://www.icme.rwth-aachen.de http://aixvipmap.rwth-aachen.de |