Difference between revisions of "NMRPipe"
Line 12: | Line 12: | ||
This program has considerable security issues that need to be addressed if installed on a multiuser system. It is recommended to set the permissions on the install directory to 700 prior to install and until all issues are solved. | This program has considerable security issues that need to be addressed if installed on a multiuser system. It is recommended to set the permissions on the install directory to 700 prior to install and until all issues are solved. | ||
− | # NMRPipe installs with many files and directories globally writable and executable. This means that anyone with access to the system can replace these programs with malicious programs. For example, it is trivial to produce a malicious program | + | # NMRPipe installs with many files and directories globally writable and executable. This means that anyone with access to the system can replace these programs with malicious programs. For example, it is trivial to produce a malicious program that sends your personal information and passwords to crackers.org and then executes the actual original program so you will never notice anything has gone wrong. This can be fixed at install using for example <code>chmod -R o-w .</code> in the install directory. |
# The nmrbin.*/nmrInit.com environment initialization script unnecessarily puts . first in $PATH, which means that all shell commands will be checked against matching files in the current working directory before execution, and if a matching executable is found, this program will be run instead. For example, it is trivial to construct a malicious program called cd, or ls, or ssh, or bruker, or any other command commonly used by NMRPipe users, and if an NMRPipe user happens to use any of these commands in a directory containing such a file, well see above for consequences. Notably, NMRPipe does not require or use this setting so it can (and SHOULD) be safely removed from nmrbin.*/nmrInit.com. | # The nmrbin.*/nmrInit.com environment initialization script unnecessarily puts . first in $PATH, which means that all shell commands will be checked against matching files in the current working directory before execution, and if a matching executable is found, this program will be run instead. For example, it is trivial to construct a malicious program called cd, or ls, or ssh, or bruker, or any other command commonly used by NMRPipe users, and if an NMRPipe user happens to use any of these commands in a directory containing such a file, well see above for consequences. Notably, NMRPipe does not require or use this setting so it can (and SHOULD) be safely removed from nmrbin.*/nmrInit.com. | ||
Latest revision as of 11:46, 20 April 2012
NMRPipe is a NMR spectroscopy data analysis suite.
Availability
Resource | Centre | Description |
---|---|---|
Kappa | NSC | throughput cluster resource of 26 TFLOPS |
Matter | NSC | cluster resource of 37 TFLOPS dedicated to materials science |
Triolith | NSC | Capability cluster with 338 TFLOPS peak and 1:2 Infiniband fat-tree |
Security considerations
This program has considerable security issues that need to be addressed if installed on a multiuser system. It is recommended to set the permissions on the install directory to 700 prior to install and until all issues are solved.
- NMRPipe installs with many files and directories globally writable and executable. This means that anyone with access to the system can replace these programs with malicious programs. For example, it is trivial to produce a malicious program that sends your personal information and passwords to crackers.org and then executes the actual original program so you will never notice anything has gone wrong. This can be fixed at install using for example
chmod -R o-w .
in the install directory. - The nmrbin.*/nmrInit.com environment initialization script unnecessarily puts . first in $PATH, which means that all shell commands will be checked against matching files in the current working directory before execution, and if a matching executable is found, this program will be run instead. For example, it is trivial to construct a malicious program called cd, or ls, or ssh, or bruker, or any other command commonly used by NMRPipe users, and if an NMRPipe user happens to use any of these commands in a directory containing such a file, well see above for consequences. Notably, NMRPipe does not require or use this setting so it can (and SHOULD) be safely removed from nmrbin.*/nmrInit.com.
Tips and tricks
- NMRPipe claims to require using (t)csh shell, but actually doesn't. It requires a handful of environment variables to be set, and these can be trivially copied from nmrbin.*/nmrInit.com csh script.
- NMRPipe claims to require nmrbin.*/nmrInit.com to be sourced from the user's ~/.cshrc file, but actually doesn't, so users shouldn't. Especially since sourcing an unmodified nmrbin.*/nmrInit.com introduces potential security holes (see #Security considerations above).
License
License: Free.
Experts
No experts have currently registered expertise on this specific subject. List of registered field experts:
Field | AE FTE | General activities | ||
---|---|---|---|---|
Anders Hast (UPPMAX) | UPPMAX | Visualisation, Digital Humanities | 30 | Software and usability for projects in digital humanities |
Anders Sjölander (UPPMAX) | UPPMAX | Bioinformatics | 100 | Bioinformatics support and training, job efficiency monitoring, project management |
Anders Sjöström (LUNARC) | LUNARC | GPU computing MATLAB General programming Technical acoustics | 50 | Helps users with MATLAB, General programming, Image processing, Usage of clusters |
Birgitte Brydsö (HPC2N) | HPC2N | Parallel programming HPC | Training, general support | |
Björn Claremar (UPPMAX) | UPPMAX | Meteorology, Geoscience | 100 | Support for geosciences, Matlab |
Björn Viklund (UPPMAX) | UPPMAX | Bioinformatics Containers | 100 | Bioinformatics, containers, software installs at UPPMAX |
Chandan Basu (NSC) | NSC | Computational science | 100 | EU projects IS-ENES and PRACE. Working on climate and weather codes |
Diana Iusan (UPPMAX) | UPPMAX | Computational materials science Performance tuning | 50 | Compilation, performance optimization, and best practice usage of electronic structure codes. |
Frank Bramkamp (NSC) | NSC | Computational fluid dynamics | 100 | Installation and support of computational fluid dynamics software. |
Hamish Struthers (NSC) | NSC | Climate research | 80 | Users support focused on weather and climate codes. |
Henric Zazzi (PDC) | PDC | Bioinformatics | 100 | Bioinformatics Application support |
Jens Larsson (NSC) | NSC | Swestore | ||
Jerry Eriksson (HPC2N) | HPC2N | Parallel programming HPC | HPC, Parallel programming | |
Joachim Hein (LUNARC) | LUNARC | Parallel programming Performance optimisation | 85 | HPC training Parallel programming support Performance optimisation |
Johan Hellsvik | PDC | Materialvetenskap | 30 | materials theory, modeling of organic magnetic materials, |
Johan Raber (NSC) | NSC | Computational chemistry | 50 | |
Jonas Lindemann (LUNARC) | LUNARC | Grid computing Desktop environments | 20 | Coordinating SNIC Emerging Technologies Developer of ARC Job Submission Tool Grid user documentation Leading the development of ARC Storage UI Lunarc Box Lunarc HPC Desktop |
Krishnaveni Chitrapu (NSC) | NSC | Software development | ||
Lars Eklund (UPPMAX) | UPPMAX | Chemistry Data management FAIR Sensitive data | 100 | Chemistry codes, databases at UPPMAX, sensitive data, PUBA agreements |
Lars Viklund (HPC2N) | HPC2N | General programming HPC | HPC, General programming, installation of software, support, containers | |
Lilit Axner (PDC) | PDC | Computational fluid dynamics | 50 | |
Marcus Lundberg (UPPMAX) | UPPMAX | Computational science Parallel programming Performance tuning Sensitive data | 100 | I help users with productivity, program performance, and parallelisation. I also work with allocations and with sensitive data questions |
Martin Dahlö (UPPMAX) | UPPMAX | Bioinformatics | 10 | Bioinformatic support |
Matias Piqueras (UPPMAX) | UPPMAX | Humanities, Social sciences | 70 | Support for humanities and social sciences, machine learning |
Mikael Djurfeldt (PDC) | PDC | Neuroinformatics | 100 | |
Mirko Myllykoski (HPC2N) | HPC2N | Parallel programming GPU computing | Parallel programming, HPC, GPU programming, advanced support | |
Pavlin Mitev (UPPMAX) | UPPMAX | Computational materials science | 100 | |
Pedro Ojeda-May (HPC2N) | HPC2N | Molecular dynamics Machine learning Quantum Chemistry | Training, HPC, Quantum Chemistry, Molecular dynamics, R, advanced support | |
Peter Kjellström (NSC) | NSC | Computational science | 100 | All types of HPC Support. |
Peter Münger (NSC) | NSC | Computational science | 60 | Installation and support of MATLAB, Comsol, and Julia. |
Rickard Armiento (NSC) | NSC | Computational materials science | 40 | Maintainer of the scientific software environment at NSC. |
Szilard Pall | PDC | Molecular dynamics | 55 | Algorithms & methods for accelerating molecular dynamics, Parallelization and acceleration of molecular dynamics on modern high performance computing architectures, High performance computing, manycore and heterogeneous architectures, GPU computing |
Thomas Svedberg (C3SE) | C3SE | Solid mechanics | ||
Torben Rasmussen (NSC) | NSC | Computational chemistry | 100 | Installation and support of computational chemistry software. |
Wei Zhang (NSC) | NSC | Computational science Parallel programming Performance optimisation | code optimization, parallelization. | |
Weine Olovsson (NSC) | NSC | Computational materials science | 90 | Application support, installation and help |
Åke Sandgren (HPC2N) | HPC2N | Computational science | 50 | SGUSI |