CONDOR-2012-0003.html
>
> Regards,
> Salvatore
This security vulnerability only affects Condor's standard universe, which is
disabled in the Debian package. Thus, the Debian package of Condor is
unaffected.
Thanks and regards,
Jaime Frey
UW-Madison HTCondor Project
--
To UNSUBSCR
ts the Aviary contrib module, which isn't built in the
Debian condor package.
Thanks and regards,
Jaime Frey
UW-Madison Condor Team
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
On Sep 20, 2012, at 1:46 PM, Michael Hanke wrote:
> On Thu, Sep 20, 2012 at 11:33:39AM -0500, Jaime Frey wrote:
>> These security issues have been fixed in the just-released Condor 7.8.4.
>>
>> Michael, here are the commit hashes in the Condor git repo for the fixes:
>&
s:
CVE-2012-3490: 94e84ce4
CVE-2012-3491: 1fff5d40
CVE-2012-3492: 1db67805
CVE-2012-3493: d2f33972
For Debian testing, I believe we want to create a new Condor 7.8.2 package with
just these changes. Can you prepare that? I can offer whatever assistance you
require.
Thanks and regards,
Jaime Frey
oval. Opinions?
I like the idea of allowing the use of an existing 'condor' account that we can
reasonably verify can't be logged into. I presume the packaging would have to
remember that it didn't create the account, so that it leaves the account in
place on uninstall.
Thanks and regards,
Jaime Frey
UW-Madison Condor Team
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
s, although I can check this.
Two suggestions to help diagnose the problem:
1) Submit some simple sleep jobs, remove them, and check whether Condor kills
all of them.
2) Submit some of your real jobs and use pstree and friends to see what process
they create when Condor runs them.
Thanks and regards,
Jaime Frey
UW-Madison Condor Team
astly, Condor can spawn jobs under accounts dedicated for use by Condor. Then,
all processes owned by that account are part of the job. This option is also
disabled by default, as it requires the admin to create a set of user accounts
for Condor's use. See section 3.6.13.2 of the Condor manual
.
++---+| Jaime Frey | I used to be a heavy gambler. || jf...@cs.wisc.edu | But now I just make mental bets. || | That's how I lost my
I've committed your patch to the V7_7-branch in the Condor repository. It'll be
included in Condor 7.8.0.
Thanks and regards,
Jaime Frey
UW-Madison Condor Team
ate.
I like option 2, removing the files from the standard locations during a purge.
If we want to continue allowing the location to be changed during package
installation, the installer could save the non-standard location in a file that
the purge code could consult. Then the purge code would de
On Apr 4, 2012, at 10:34 AM, Michael Hanke wrote:
> On Apr 4, 2012 5:11 PM, "Jaime Frey" wrote:
>
> > You can also try running condor_ssh_to_job while a job is running to get
>
> > an interactive session with the same environment as your job. You can
> > e
interactive session with the same environment as your job. You can
examine the environment variables, etc. for any odd settings. You even
submit a sleep job, then use condor_ssh_to_job to start your program
interactively in the environment Condor sets up, possibly tweaking
environment varia
12 matches
Mail list logo
