BOINC Security concerns

作者	消息
John McLeod VII 志愿者开发人员志愿者测试人员发送消息已加入：15 Jul 99 贴子：24806 积分：790,712 近期平均积分：0	消息 80526 - 发表于：18 Feb 2005, 4:02:36 UTC I believe that BOINC can run as a service with a limited account that has been granted full access to the BOINC directory. BOINC WIKI ID: 80526 ·

Pascal, K G 志愿者测试人员发送消息已加入：3 Apr 99 贴子：2343 积分：150,491 近期平均积分：0	消息 80058 - 发表于：16 Feb 2005, 21:41:56 UTC 最近的修改日期：16 Feb 2005, 21:42:21 UTC May have some answers here Links to Documents by Project or How I found out all the Stuff I Needed to Know About BOINC Semper Eadem So long Paul, it has been a hell of a ride. Park your ego's, fire up the computers, Science YES, Credits No. ID: 80058 ·

DS 发送消息已加入：13 May 03 贴子：4 积分：1,842,518 近期平均积分：0	消息 80046 - 发表于：16 Feb 2005, 20:52:12 UTC Then running BOINC as service it will start (and run) as NETWORK_SERVICE user. ID: 80046 ·

paperdragon 志愿者测试人员发送消息已加入：27 Aug 99 贴子：174 积分：1,452,115 近期平均积分：0	消息 80032 - 发表于：16 Feb 2005, 19:53:24 UTC 最近的修改日期：16 Feb 2005, 19:55:58 UTC .... answered wrong question .... You need a second life? Seconlife.com ID: 80032 ·

lcruz01 发送消息已加入：3 Apr 99 贴子：4 积分：0 近期平均积分：0	消息 80021 - 发表于：16 Feb 2005, 19:10:59 UTC We are basically allowing seti, or Predictor, or whatever project you are running full access to execute any code on our system. What would happen if an attacker compromised one of the project servers and used it to distribute malicious code to all the clients? Is there a way to protect ourselves on the client side if a disaster like this were to occur? My first guess would be to run the client service as a limited user, but I don't know if that will make Boinc unusable. Has anyone else given any thought to this? How can we make the Boinc client more secure on our ends? ID: 80021 ·

©2020 University of California

SETI@home and Astropulse are funded by grants from the National Science Foundation, NASA, and donations from SETI@home volunteers. AstroPulse is funded in part by the NSF through grant AST-0307956.