[torqueusers] qdel all
jbernstein at penguincomputing.com
Thu Jun 4 13:17:17 MDT 2009
On Jun 4, 2009, at 12:13 PM, Bogdan Costescu wrote:
> On Jun 4, 2009, at 10:11 AM, Brock Palen wrote:
>> qdel all, from a non operator, tries to delete every job, not just
>> ones they own, and it prints out "Unauthorized request"
> Without looking at the code, I had the impression that qdel doesn't
> know whether the current user is an admin/operator or not, so it tries
> to delete the job anyway - it's the pbs_server which can diferentiate
> and allow or not the delete request. Someone familiar with the code,
> please correct me if I'm wrong.
Exactly! You're correct! qdel doesn't do any authorization checks as
the data is stored in the serverdb, thus pbs_server returns the
unauthorized messages to qdel.
More information about the torqueusers