[torqueusers] [torquedev] TORQUE authorization security vulnerability
samuel at unimelb.edu.au
Tue Aug 9 15:24:57 MDT 2011
On Wed, 10 Aug 2011 07:19:00 AM David Beer wrote:
> Essentially, TORQUE uses the idea for cluster security that
> individual machines in the cluster are secure, therefore you can
> trust root users.
Phew.. for a while I thought this was an unpatched exploit!
Thanks for the details David, much appreciated.
BTW: If you think that's a problem you should try running
GPFS where root on any node must be able to ssh to any
other node as root with no password. :-(
Christopher Samuel - Senior Systems Administrator
VLSCI - Victorian Life Sciences Computation Initiative
Email: samuel at unimelb.edu.au Phone: +61 (0)3 903 55545
More information about the torqueusers