[Beowulf] Definition of HPC

Jonathan Barber jonathan.barber at gmail.com
Fri Apr 19 10:21:47 PDT 2013


On 19 April 2013 16:28, Gregory Matthews <greg.matthews at diamond.ac.uk>wrote:

> On 18/04/13 18:07, Hearns, John wrote:
> > As an aside, a normal user can trigger a drop of the caches before the
> start of a job.
> > If you have looked into it,  sudo echo 3 > /proc/sys/vm/drop_caches is
> well nigh impossible.
>
> eh?
> echo 3 | sudo tee /proc/sys/vm....
>

As a warning to anyone who doesn't know, if you don't configure sudo to
restrict the allowable command line arguments to tee, then the following
will work just as well:
cat /dev/zero | sudo tee /dev/sda

Also, be careful about allowing users to sudo programs such as "vi", "less"
and even "more" - because they all have the ability to create new shell
from within them (via the '!' command) - allowing people to
escalate privileges.

Cheers
-- 
Jonathan Barber <jonathan.barber at gmail.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.beowulf.org/pipermail/beowulf/attachments/20130419/959d9a75/attachment.html>


More information about the Beowulf mailing list