Opened 15 years ago
Last modified 10 years ago
#334 new defect
IZ1984: an execd can always kill another execd as admin
Reported by: | templedf | Owned by: | |
---|---|---|---|
Priority: | normal | Milestone: | |
Component: | sge | Version: | 6.0u4 |
Severity: | Keywords: | Sun qmaster | |
Cc: |
Description
[Imported from gridengine issuezilla http://gridengine.sunsource.net/issues/show_bug.cgi?id=1984]
Issue #: 1984 Platform: Sun Reporter: templedf (templedf) Component: gridengine OS: All Subcomponent: qmaster Version: 6.0u4 CC: None defined Status: NEW Priority: P3 Resolution: Issue type: DEFECT Target milestone: --- Assigned to: ernst (ernst) QA Contact: ernst URL: * Summary: an execd can always kill another execd as admin Status whiteboard: Attachments: Issue 1984 blocks: Votes for issue 1984: Opened: Thu Feb 16 12:21:00 -0700 2006 ------------------------ Regardless of whether the execd is a submit host or an admin host, it is always granted permission to kill an execution daemon if the user id allows it. The code which implements -ke only checks for host permissions on the client side, i.e. in qconf. The qmaster does not double-check. This leaves open the possibility of modifying qconf to always report the user as root and not to do the host permission check, to create a qconf which when run from an execd host can kill execds at will. I have not checked how far back the issue goes. It is at least in u4-u7. Would using CSP solve the problem?
Note: See
TracTickets for help on using
tickets.