Permalink
Browse files

retag of v1.3.14

  • Loading branch information...
2 parents 63f928c + 0d49749 commit 0af2fcbb879ebd8af95d1c73a5ba9649ac802059 @jette jette committed Mar 30, 2009
Showing with 14 additions and 4 deletions.
  1. +2 −1 NEWS
  2. +12 −3 src/slurmctld/trigger_mgr.c
View
3 NEWS
@@ -4,7 +4,8 @@ documents those changes that are of interest to users and admins.
* Changes in SLURM 1.3.14
=========================
-- SECURITY BUG: Fix in sbcast logic that permits users to write files based
- upon supplimental groups of the slurmd daemon.
+ upon supplimental groups of the slurmd daemon. Similar logic for event
+ triggers if slurmctld is run as user root (not typical).
* Changes in SLURM 1.3.13
=========================
@@ -985,9 +985,18 @@ static void _trigger_run_program(trig_mgr_info_t *trig_in)
setpgrp();
#endif
setsid();
- setuid(uid);
- setgid(gid);
- initgroups(user_name, -1);
+ if (initgroups(user_name, gid) == -1) {
+ error("trigger: initgroups: %m");
+ exit(1);
+ }
+ if (setgid(uid) == -1) {
+ error("trigger: setgid: %m");
+ exit(1);
+ }
+ if (setuid(gid) == -1) {
+ error("trigger: setuid: %m");
+ exit(1);
+ }
execl(program, arg0, arg1, NULL);
exit(1);
} else

0 comments on commit 0af2fcb

Please sign in to comment.