Stephen John Smoogen <smooge@xxxxxxxxx> writes:

> Because in this networked world
> everything becomes security sensitive because a hacker doesn't need to
> be root to do a lot of things.

My opinion is partly informed by my world being networked, with experience of compromises on and from research systems, for around 30 years (I'm sorry to say).

> Hackers have used HPC computers for bitcoin mining because a grid app
> had an overflow which allowed them to run apps as a general user. They
> have set up spam farms for similar things. Another just decided on a
> lark to change data in a database to see if anyone noticed. All of
> which has interfered with research (and affected at least a couple of
> PhD's graduation times.)

Security is a question of risk management, and if misbehaving application programs pose security problems, then bundled libraries seem the least of your worries. I claim some knowledge, since I've made more security-relevant fixes in a DRM than most people and I don't think they've gone into the Fedora version. Anyhow, as far as I can tell, it's still most commonly configured such that you can submit jobs as any other user. You surely have to address that sort of thing, and local privilege escalations with stolen credentials, before worrying about the applications being run if they're somehow a risk.

> Most of those break-ins happened because of applications which were
> considered non-security related and usually via a bundled pile of PHP
> or java.

Not in my experience, but that's not the sort of thing I'm talking about. (I do worry about unpatched stuff on our head node that I can't replace without falling foul of the vendor, but it's obviously security-relevant, and the most horrible vulnerabilities on that cluster have been due to vendor configuration rather than their lack of security updates.)