[Mauiusers] Maui LD_PRELOAD attack
miguel.ros at bsc.es
Fri Apr 11 00:58:28 MDT 2008
> Maui (and presumably, moab) does not provide user-level authentication, only
> host-level authentication via IP address. The user-based authentication is a
> fig-leaf: the client specifies which user they are and the server believes
> them. There's some effort to provide authenticated clients (a shared
> password), but it is ineffective and actually works against some production
> This is in contrast to how torque provides security. From memory, the client
> obtains a token from a suid binary. The suid binary communicates with the
> server to obtain a challenge the server issues. This works with privileged
> ports (<1024), so mandating the suid-bit.
Maybe I've misunderstood something, but I think that a similar level of
is what provides the Maui patch that I've sent to the list. It adds
authentication from a suid binary (mauth) that is not compiled by default.
More information about the mauiusers