Sometimes the HTCondor daemons parse the config files while running as root. and there are statements in the config file that can result in running programs, (config include statements, STARTD_CRON_*, etc) thus an attacker who can edit your config can run a program of their choice as root.
The best mitigation for this is to set the SETTABLE_ATTRS… family of options so that only configuration variables that can’t be abused in this way can be changed. If you allow only START to be set, for instance, then there is no risk of an attacker executing arbitrary code.
This is in addition to setting up security to prevent unauthorized users from changing the config.
Where can I find more information on the "potential security implications" mentioned in the manual on ENABLE_RUNTIME_CONFIG (see below)?
What do admins have to do in order to eliminate this vulnerability? Would it be enough to set up a SSL connection between central server and execute nodes?