Reuti <[email protected]> writes: > Am 17.04.2012 um 23:39 schrieb Rayson Ho: > >> If you Google for this kind of security bugs, you will find that there >> is always *1 more* env var that can change the behavior but is not >> filtered in other software. > > I don't know how it was fixed now, but one approach could be: if run > as root, clear all env var except the SGE_* ones. IIRC this is the way > Torque starts prolog/epilog.
It's probably a good suggestion to transform things like that, but I suspect there isn't currently enough in the SGE_... list for reasonable uses in the hooks. I'm unclear why the user environment needs to be passed to the remote startup daemons at all, rather than just clearing it modulo the canonical(?) necessary variables. Does anyone know? -- Community Grid Engine: http://arc.liv.ac.uk/SGE/ _______________________________________________ users mailing list [email protected] https://gridengine.org/mailman/listinfo/users
