[torquedev] TORQUE authorization security vulnerability

"Mgr. Šimon Tóth" toth at fi.muni.cz
Tue Aug 9 14:40:00 MDT 2011


> I do not know how widespread this is, but there is a security vulnerability in the TORQUE authorization between client and server when using the default authorization method. Using MUNGE closes this hole but we would like to add an additional, more universal secure authorization method.

There was a high-risk security advisory from EGI-CSIRT, so it should be
pretty widespread. Our security guys were pretty shocked when I
explained that any root on any machine (ignoring the ACL, which we are
using, of course) has full access to the server. :-D

> We have investigated using SSH or TLS with certificates for the server, user and user host. There has also been discussion among users concerning the GSSAPI.

Certificates are pretty useless for this case.

> I would like to hear your opinions about what you think would work best in your environment.

GSSAPI works great. We have been using it in production for almost two years.
Machines that are in the ACL can access torque without tickets; otherwise a
ticket is required. We also have ACLs for allowed realms (two actually,
one for general commands and one for submit).

-- 
Mgr. Simon Toth

