Difference between revisions of "NMRPipe"

From SNIC Documentation
Jump to: navigation, search
 
Line 12: Line 12:
 
This program has considerable security issues that need to be addressed if installed on a multiuser system. It is recommended to set the permissions on the install directory to 700 prior to install and until all issues are solved.
 
This program has considerable security issues that need to be addressed if installed on a multiuser system. It is recommended to set the permissions on the install directory to 700 prior to install and until all issues are solved.
  
# NMRPipe installs with many files and directories globally writable and executable. This means that anyone with access to the system can replace these programs with malicious programs. For example, it is trivial to produce a malicious program (that for example sends your personal information and passwords to crackers.org) and then executes the original program so you will never notice anything has gone wrong. This can be fixed at install using for example <code>chmod -R o-w .</code> in the install directory.
+
# NMRPipe installs with many files and directories globally writable and executable. This means that anyone with access to the system can replace these programs with malicious programs. For example, it is trivial to produce a malicious program that sends your personal information and passwords to crackers.org and then executes the actual original program so you will never notice anything has gone wrong. This can be fixed at install using for example <code>chmod -R o-w .</code> in the install directory.
 
# The nmrbin.*/nmrInit.com environment initialization script unnecessarily puts . first in $PATH, which means that all shell commands will be checked against matching files in the current working directory before execution, and if a matching executable is found, this program will be run instead. For example, it is trivial to construct a malicious program called cd, or ls, or ssh, or bruker, or any other command commonly used by NMRPipe users, and if an NMRPipe user happens to use any of these commands in a directory containing such a file, well see above for consequences. Notably, NMRPipe does not require or use this setting so it can (and SHOULD) be safely removed from nmrbin.*/nmrInit.com.  
 
# The nmrbin.*/nmrInit.com environment initialization script unnecessarily puts . first in $PATH, which means that all shell commands will be checked against matching files in the current working directory before execution, and if a matching executable is found, this program will be run instead. For example, it is trivial to construct a malicious program called cd, or ls, or ssh, or bruker, or any other command commonly used by NMRPipe users, and if an NMRPipe user happens to use any of these commands in a directory containing such a file, well see above for consequences. Notably, NMRPipe does not require or use this setting so it can (and SHOULD) be safely removed from nmrbin.*/nmrInit.com.  
  

Latest revision as of 11:46, 20 April 2012

NMRPipe is a NMR spectroscopy data analysis suite.

Availability

ResourceCentreDescription
KappaNSCthroughput cluster resource of 26 TFLOPS
MatterNSCcluster resource of 37 TFLOPS dedicated to materials science
TriolithNSCCapability cluster with 338 TFLOPS peak and 1:2 Infiniband fat-tree

Security considerations

This program has considerable security issues that need to be addressed if installed on a multiuser system. It is recommended to set the permissions on the install directory to 700 prior to install and until all issues are solved.

  1. NMRPipe installs with many files and directories globally writable and executable. This means that anyone with access to the system can replace these programs with malicious programs. For example, it is trivial to produce a malicious program that sends your personal information and passwords to crackers.org and then executes the actual original program so you will never notice anything has gone wrong. This can be fixed at install using for example chmod -R o-w . in the install directory.
  2. The nmrbin.*/nmrInit.com environment initialization script unnecessarily puts . first in $PATH, which means that all shell commands will be checked against matching files in the current working directory before execution, and if a matching executable is found, this program will be run instead. For example, it is trivial to construct a malicious program called cd, or ls, or ssh, or bruker, or any other command commonly used by NMRPipe users, and if an NMRPipe user happens to use any of these commands in a directory containing such a file, well see above for consequences. Notably, NMRPipe does not require or use this setting so it can (and SHOULD) be safely removed from nmrbin.*/nmrInit.com.

Tips and tricks

  1. NMRPipe claims to require using (t)csh shell, but actually doesn't. It requires a handful of environment variables to be set, and these can be trivially copied from nmrbin.*/nmrInit.com csh script.
  2. NMRPipe claims to require nmrbin.*/nmrInit.com to be sourced from the user's ~/.cshrc file, but actually doesn't, so users shouldn't. Especially since sourcing an unmodified nmrbin.*/nmrInit.com introduces potential security holes (see #Security considerations above).

License

License: Free.

Experts

No experts have currently registered expertise on this specific subject. List of registered field experts:

  FieldAE FTEGeneral activities
Anders Hast (UPPMAX)UPPMAXVisualisation, Digital Humanities30Software and usability for projects in digital humanities
Anders Sjölander (UPPMAX)UPPMAXBioinformatics100Bioinformatics support and training, job efficiency monitoring, project management
Anders Sjöström (LUNARC)LUNARCGPU computing
MATLAB
General programming
Technical acoustics
50Helps users with MATLAB, General programming, Image processing, Usage of clusters
Birgitte Brydsö (HPC2N)HPC2NParallel programming
HPC
Training, general support
Björn Claremar (UPPMAX)UPPMAXMeteorology, Geoscience100Support for geosciences, Matlab
Björn Viklund (UPPMAX)UPPMAXBioinformatics
Containers
100Bioinformatics, containers, software installs at UPPMAX
Chandan Basu (NSC)NSCComputational science100EU projects IS-ENES and PRACE.
Working on climate and weather codes
Diana Iusan (UPPMAX)UPPMAXComputational materials science
Performance tuning
50Compilation, performance optimization, and best practice usage of electronic structure codes.
Frank Bramkamp (NSC)NSCComputational fluid dynamics100Installation and support of computational fluid dynamics software.
Hamish Struthers (NSC)NSCClimate research80Users support focused on weather and climate codes.
Henric Zazzi (PDC)PDCBioinformatics100Bioinformatics Application support
Jens Larsson (NSC)NSCSwestore
Jerry Eriksson (HPC2N)HPC2NParallel programming
HPC
HPC, Parallel programming
Joachim Hein (LUNARC)LUNARCParallel programming
Performance optimisation
85HPC training
Parallel programming support
Performance optimisation
Johan HellsvikPDCMaterialvetenskap30materials theory, modeling of organic magnetic materials,
Johan Raber (NSC)NSCComputational chemistry50
Jonas Lindemann (LUNARC)LUNARCGrid computing
Desktop environments
20Coordinating SNIC Emerging Technologies
Developer of ARC Job Submission Tool
Grid user documentation
Leading the development of ARC Storage UI
Lunarc Box
Lunarc HPC Desktop
Krishnaveni Chitrapu (NSC)NSCSoftware development
Lars Eklund (UPPMAX)UPPMAXChemistry
Data management
FAIR
Sensitive data
100Chemistry codes, databases at UPPMAX, sensitive data, PUBA agreements
Lars Viklund (HPC2N)HPC2NGeneral programming
HPC
HPC, General programming, installation of software, support, containers
Lilit Axner (PDC)PDCComputational fluid dynamics50
Marcus Lundberg (UPPMAX)UPPMAXComputational science
Parallel programming
Performance tuning
Sensitive data
100I help users with productivity, program performance, and parallelisation. I also work with allocations and with sensitive data questions
Martin Dahlö (UPPMAX)UPPMAXBioinformatics10Bioinformatic support
Matias Piqueras (UPPMAX)UPPMAXHumanities, Social sciences70Support for humanities and social sciences, machine learning
Mikael Djurfeldt (PDC)PDCNeuroinformatics100
Mirko Myllykoski (HPC2N)HPC2NParallel programming
GPU computing
Parallel programming, HPC, GPU programming, advanced support
Pavlin Mitev (UPPMAX)UPPMAXComputational materials science100
Pedro Ojeda-May (HPC2N)HPC2NMolecular dynamics
Machine learning
Quantum Chemistry
Training, HPC, Quantum Chemistry, Molecular dynamics, R, advanced support
Peter Kjellström (NSC)NSCComputational science100All types of HPC Support.
Peter Münger (NSC)NSCComputational science60Installation and support of MATLAB, Comsol, and Julia.
Rickard Armiento (NSC)NSCComputational materials science40Maintainer of the scientific software environment at NSC.
Szilard PallPDCMolecular dynamics55Algorithms & methods for accelerating molecular dynamics, Parallelization and acceleration of molecular dynamics on modern high performance computing architectures, High performance computing, manycore and heterogeneous architectures, GPU computing
Thomas Svedberg (C3SE)C3SESolid mechanics
Torben Rasmussen (NSC)NSCComputational chemistry100Installation and support of computational chemistry software.
Wei Zhang (NSC)NSCComputational science
Parallel programming
Performance optimisation
code optimization, parallelization.
Weine Olovsson (NSC)NSCComputational materials science90Application support, installation and help
Åke Sandgren (HPC2N)HPC2NComputational science50SGUSI

Links