[torqueusers] [torquedev] TORQUE authorization security vulnerability

Ken Nielson knielson at adaptivecomputing.com
Tue Aug 9 17:11:48 MDT 2011


Simon,

What you say I think has been an unwritten requirement for running TORQUE. This might be an opportunity to put together a best practices page on how to secure your cluster.

Ken

----- Original Message -----
> From: "\"Mgr. Šimon Tóth\"" <toth at fi.muni.cz>
> To: "Torque Users Mailing List" <torqueusers at supercluster.org>
> Cc: "Ken Nielson" <knielson at adaptivecomputing.com>
> Sent: Tuesday, August 9, 2011 5:06:52 PM
> Subject: Re: [torqueusers] [torquedev] TORQUE authorization security vulnerability
> > Here is the algorithm for the vulnerability. The work around is
> > pretty easy. Let us know if you have any comments.
> 
> The bigger issue is that this is an underestimated problem (yes this
> is
> a side bug).
> 
> Your are not safe if you fix this. If a site is not firewalled, or
> using
> ACL, or has machines which are not "safe" in ACL, then the site is
> completely open.
> 
> Each connection from a privileged port is marked as server connection
> and receives full access rights - this includes modifying any server
> setting, managing nodes, running any jobs under any desired account,
> etc...
> 
> The default setting for Torque after installation should definitely
> have
> ACL turned on. That way only configured nodes and the server can be
> used
> to initiate connections to the server.
> 
> If you want to enable connections from machines you have no control
> over, you have to use a different mechanism for that (we use GSSAPI).
> 
> --
> Mgr. Simon Toth


More information about the torqueusers mailing list