cron.allow and cron.deny
Manuel Arostegui Ramirez
manuel at todo-linux.com
Tue Sep 12 07:36:39 UTC 2006
El Lunes, 11 de Septiembre de 2006 18:44, Steve Berg escribió:
>
> If that were true then the user could run the damaging process anytime
> they wished since cron will execute a user's crontab with that user's
> permissions. On systems I work with cron is available to any user on a
> fresh install.
> --
I wanna mean that it's not a good idea to allow system accounts to access
crontab.
Of course that users are allow or should be allow in mostle scenaries to use
cron, cause they are only allow to run scripts with users permissions, that's
clear for all.
IMHO if for instance apache user or nobody one is able to set up tasks on
crontab, you're box is on risk, isn't it?
By the way, if some one get access to your server using an apache bug or
whatever, you're in trouble.
it's just an opinion, maybe i'm too paranoic with system security, could be.
Cheers.
--
Manuel Arostegui Ramirez.
Electronic Mail is not secure, may not be read every day, and should not
be used for urgent or sensitive issues.
More information about the redhat-list
mailing list