[torqueusers] bug in chk_file_sec 2.1.6 with file symlinks
Pete Wyckoff
pw at osc.edu
Sat Dec 2 11:16:51 MST 2006
My mom_priv directory looks like this:
ib23# ll
total 16
drwxr-x--x 3 root root 4096 Nov 26 12:16 ./
drwxr-xr-x 8 root root 4096 Aug 8 2005 ../
lrwxrwxrwx 1 root root 9 Nov 26 12:15 config -> ro/config
lrwxrwxrwx 1 root root 11 Nov 26 12:15 epilogue -> ro/epilogue*
lrwxrwxrwx 1 root root 20 Nov 26 12:15 epilogue.parallel -> ro/epilogue.parallel*
drwxr-x--x 3 root root 4096 Dec 2 13:11 jobs/
-rw-r--r-- 1 root root 7 Dec 2 13:10 mom.lock
lrwxrwxrwx 1 root root 11 Nov 26 12:15 prologue -> ro/prologue*
lrwxrwxrwx 1 root root 20 Nov 26 12:14 prologue.parallel -> ro/prologue.parallel*
lrwxrwxrwx 1 root root 35 Nov 26 12:16 ro -> /var/spool/batch/torque/mom_priv-ro/
Note that the entry "config" is a symlink to where the actual file lives.
Code in chk_file_sec() does the wrong thing when trying to follow this
link:
[pid 27581] readlink("config", "ro/config", 256) = 9
[pid 27581] lstat("configro/config", <unfinished ...>
then complains file-not-found and exits. The code is different than
what was in good ol' PBS, but I did not delve further.
Once I noticed that this "security" was still enabled, I recompiled
with -DNO_SECURITY_CHECK to turn it off. But you may want to fix
the bug for others. Sorry no patch.
-- Pete
More information about the torqueusers
mailing list