In Univa Grid Engine before 8.6.3, when configured for Docker jobs and execd spooling on root_squash, weak file permissions (other write access) occur in certain cases (GE-6890).
The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Grid_engine | Univa | 8.6.3 (including) | 8.6.3 (including) |
Gridengine | Ubuntu | bionic | * |
Gridengine | Ubuntu | focal | * |
Gridengine | Ubuntu | groovy | * |
Gridengine | Ubuntu | hirsute | * |
Gridengine | Ubuntu | impish | * |
Gridengine | Ubuntu | kinetic | * |
Gridengine | Ubuntu | lunar | * |
Gridengine | Ubuntu | mantic | * |
Gridengine | Ubuntu | oracular | * |
Gridengine | Ubuntu | trusty | * |
Gridengine | Ubuntu | xenial | * |