By default, your user is running their job under their "user account" and don't have local admin privilege. And usually headnode should be taken offline in production environment so that jobs won't run on the headnode.
If you have concerns on viruses, you could install anti-viruses on compute nodes but that will impact workload performance for sure. Or you could:
- Isolate the compute nodes on private network so that it can't reach outside
- application on the compute nodes shall only be installed by cluster admin
- Users should put their needed data, exe on a share, and the job could pull the data from the share. You could have anitvirus software running on the file share?
Qiufang Shi