[torqueusers] Torque/BLCR directory
robinr at muohio.edu
Thu Sep 23 11:48:17 MDT 2010
I'm not sure if everyone is seeing the same thing. I believe this is a security bug. Please correct me if I'm mistaken.
I'm seeing the same behavior on 2.4.6 and 2.4.10.
user1 submitted a job, user1 qhold it (i.e., checkpoints it), then root at compute-node will do scp the checkpoint-context to user1 at torque-server:/var/spool/torque/checkpoint/110760.torque.hpc.muohio.edu.CK/
The checkpoint directory right now is being created with 777 without the sticky bit.
As a side note, because user1 needs to write into the checkpoint dir (because of the scp command), /var/spool/torque/checkpoint needs to be at leasts others-executable.
This combination allows all other users to replace the user1's checkpoint file under the check point dir. This presents a security risk.
A simple patch to job_func.c will fix this, in 2.4.10 source,
diff ./job_func.c ./job_func.c.dist
< if ((mkdir(serverfile, 01777) == -1) && (errno != EEXIST))
> if ((mkdir(serverfile, 0777) == -1) && (errno != EEXIST))
That said, I'm not entirely familiar with all the entire Torque code base, but the patch seems to work for me.
More information about the torqueusers