Cluster Security Policy

Facts about Current Configuration

  1. The root user on rcmaster can use root privileges on rcnfs.
  2. The root user on each of the rcXX cannot use root privileges on rcnfs, due to root squashing by rcnfs.
  3. This implies that root on rcXX is significantly less dangerous than root on rcmaster.

Policy

  1. We should generally favor sudo over logging in as root for almost all purposes.
  2. Those who require root privileges on the cluster machines should be added to the group wheel on each cluster machine, rather than having their public key added to /root/.ssh/authorized_keys.
  3. Only those who can take the responsibility of rebuilding rcmaster or rcnfs should hold root privileges on either of those machines.