Hi all, we have some problems with LD_PRELOAD attacks (with the fakeroot program) to the mclient commands. With fakeroot, an unprivileged user can increase his privileges to ADMIN1 level easily.
I have made a patch in order to use client auth through the command mauth. This command is in the source code but it is not compiled by default. After installed the patch, the file mauth should be at the path with permissions 4755 and a random file with size between 512 and 1024 bytes named .moab.key has to be created in all nodes in the cluster in the same directory as maui.cfg. Regards, Miguel _______________________________________________ mauiusers mailing list [email protected] http://www.supercluster.org/mailman/listinfo/mauiusers
