[torqueusers] Torque/BLCR directory

Robin, Robin robinr at muohio.edu
Thu Sep 23 11:48:17 MDT 2010


Hi,

I'm not sure if everyone is seeing the same thing. I believe this is a security bug. Please correct me if I'm mistaken.
I'm seeing the same behavior on 2.4.6 and 2.4.10.

user1 submitted a job, user1 qhold it (i.e., checkpoints it), then root at compute-node will do scp the checkpoint-context to user1 at torque-server:/var/spool/torque/checkpoint/110760.torque.hpc.muohio.edu.CK/

The checkpoint directory right now is being created with 777 without the sticky bit. 
As a side note, because user1 needs to write into the checkpoint dir (because of the scp command), /var/spool/torque/checkpoint needs to be at leasts others-executable.

This combination allows all other users to replace the user1's checkpoint file under the check point dir. This presents a security risk.

A simple patch to job_func.c will fix this, in 2.4.10 source,
diff ./job_func.c ./job_func.c.dist
1119c1119
<   if ((mkdir(serverfile, 01777) == -1) && (errno != EEXIST))
---
>   if ((mkdir(serverfile, 0777) == -1) && (errno != EEXIST))

That said, I'm not entirely familiar with all the entire Torque code base, but the patch seems to work for me.

Thanks,
Robin





More information about the torqueusers mailing list