Fedora Account System
Red Hat Associate
Red Hat Customer
Florian Weimer of the Red Hat Product Security Team discovered that Condor's file system authentication challenge accepted directories with weak permissions (for example, world readable, writable and executable permissions). If a user created a directory with such permissions, a local attacker could rename it, allowing them to execute jobs with the privileges of the victim user.
Acknowledgements: This issue was discovered by Florian Weimer of the Red Hat Product Security Team.
This issue has been addressed in following products: MRG for RHEL-5 v. 2 Via RHSA-2012:1278 https://rhn.redhat.com/errata/RHSA-2012-1278.html
This issue has been addressed in following products: MRG for RHEL-6 v.2 Via RHSA-2012:1281 https://rhn.redhat.com/errata/RHSA-2012-1281.html
Created condor tracking bugs for this issue Affects: fedora-all [bug 858867]
This has been resolved in upstream 7.6.10 and 7.8.4: https://lists.cs.wisc.edu/archive/condor-users/2012-September/msg00077.shtml
Upstream git commit: http://condor-git.cs.wisc.edu/?p=condor.git;a=commitdiff;h=1db67805