[torqueusers] Security Vulnerability in Torque

David Golden dgolden at cp.dias.ie
Fri Oct 20 18:44:13 MDT 2006

On 2006-10-20 17:31:32 -0700, Garrick Staples wrote:

> > Have per-user subdirectories under pbs/spool/ in the non-disable-spool 
> > case? But... then be careful when creating _them_...

> Which is relatively safe since mkdir(2) doesn't follow symlinks,

And would spool need to be world-writable rather than root.root 755 in 
that case anyway, since pbs_mom could just create a 755 subdir owned 
by each user?

> but it
> would break 3rd party stuff. 

Guess so. The popular "qpeek" script would need a tweak, for starters.

More information about the torqueusers mailing list