[GE users] reserved ports in SGE 6.0

Andy Schwierskott andy.schwierskott at sun.com
Wed Nov 24 09:04:12 GMT 2004


Hi,

>>>> if you don't have a secure filesystem (like AFS) of course it means your
>>>> certificates needs to be on a local filesystem to have the full security
>>>> needs addressed.
>>>
>>> Lets suppose that the cluster has a physically secure LAN (such as I
>>> have).  Someone putting a rogue machine on the network becomes less of a
>>> concern (and that's the main disadvantage I see of reserved ports).  At
>>> that point the only way for someone to break the security is for them to
>>> gain root privileges on a machine.  However, even with AFS, all someone
>>> has to do is become root, wait for you to login, then a few environment
>>> variable changes and they have access to all your files in AFS.  As
>>> such, I'm not sure that AFS with CSP is any more secure than reserved
>>> ports, in what I consider to be the common case of having a physically
>>> secure LAN.
>>
>> I think I'm not getting the point - in AFS it doesn't help you to be root I
>> think - with the special AFS login binary user root cannot simply login as a
>> norm user and get access to the user's home directory. Same would be with
>> DCE.
>
> I believe that Sean is referring to something along the lines of a "Man
> in the Middle" security attack, which is fairly trivial if you have a
> compromised root on a machine other users log into.

Yes, but on a AFS machine (machine wiht AFS mounted filesystems), even if
someone breaks the root account he still cannot access the home directories
of AFS users and thus could not submit jobs on behalf of these users since
the keys stored o nthe home directories are not accessible.

AFS users -> can you confirm?

Andy

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe at gridengine.sunsource.net
For additional commands, e-mail: users-help at gridengine.sunsource.net




More information about the gridengine-users mailing list