|NeSC Bibliographic Database|
Implementing privilege separation in the Condor system
Appeared in: Proceedings of the UK e-Science All Hands Conference 2005 website: http://www.allhands.org.uk/2005/
Publisher: Engineering and Physical Sciences Research Council
Field of Science: e-Science
Abstract: In this paper we discuss, in some depth, our restricted implementation of privilege separation for the Condor(R) system (in the Linux environment), and, in addition, we describe our proposed architecture for communication between privilege separated daemons in the Condor system. This architecture, if adopted, would allow each daemon to conform to principle of least privilege, thus significant lowering the attack surface of the Condor system.
Keywords: e-Science, AHM 2005
|Last Updated: 22 Jun 12 11:02|