[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [condor-users] Some questions concerning security in Condor

At 03:12 AM 2/26/2004, Mark Calleja wrote:

OK, here's another security-related question:

On systems where Condor is running as root, is it possible for the job's executable to be chroot'd? In particular, is it possible to MAKE Condor chroot the job's executable?

Once upon a time, long long ago when there was only the STANDARD universe, Condor did chroot for every job.

But at one point we stopped doing a chroot when VANILLA universe was added. Many VANILLA jobs want to access files via a shared filesystem (NFS, etc), and/or want to access files/programs stored on the local disk. Furthermore, even if you use the File Transfer facility in Condor, chroot is still a problem because of dynamic libraries. Many programs will need to access various library in /lib, /usr/lib, etc. On many Linux versions, annoyingly enough, even a statically linked binary will need access to some shared libraries (like the resolver, i believe).

These challenges make chroot more difficult than it would first appear, but certainly not impossible. For instance, perhaps if the Condor EXECUTE directory was on the same volume as /lib, Condor could simply make hard links in the sandbox to most common libraries and system binaries before doing a chroot.....

Thanks for raising this issue.... it is time for us to revisit the chroot possibilities again...


-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Todd Tannenbaum University of Wisconsin-Madison Condor Project Research Department of Computer Sciences

Condor Support Information:
To Unsubscribe, send mail to majordomo@xxxxxxxxxxx with
unsubscribe condor-users <your_email_address>