[PATCH] Tighten /etc/crontab permissions
Xin LI
delphij at frontfree.net
Tue Aug 10 09:43:27 PDT 2004
Hi folks,
While investigating OpenBSD's cron implementation, I found that they set
the systemwide crontab (a.k.a. /etc/crontab) to be readable by the
superuser only. The attached patch will bring this to FreeBSD by moving
crontab out from BIN1 group and install it along with master.passwd.
This change should not affect the current cron(1) behavior.
Cheers,
--
Xin LI <delphij frontfree net> http://www.delphij.net/
See complete headers for GPG key and other information.
-------------- next part --------------
Index: Makefile
===================================================================
RCS file: /home/fcvs/src/etc/Makefile,v
retrieving revision 1.327
diff -u -r1.327 Makefile
--- Makefile 23 Mar 2004 22:17:34 -0000 1.327
+++ Makefile 10 Aug 2004 06:03:59 -0000
@@ -6,7 +6,7 @@
.endif
BIN1= amd.map apmd.conf auth.conf \
- crontab csh.cshrc csh.login csh.logout devd.conf devfs.conf \
+ csh.cshrc csh.login csh.logout devd.conf devfs.conf \
dhclient.conf disktab fbtab ftpusers gettytab group \
hosts hosts.allow hosts.equiv hosts.lpd \
inetd.conf login.access login.conf \
@@ -73,7 +73,7 @@
${INSTALL} -o ${BINOWN} -g ${BINGRP} -m 755 \
${BIN2} ${DESTDIR}/etc; \
${INSTALL} -o ${BINOWN} -g ${BINGRP} -m 600 \
- master.passwd nsmb.conf opieaccess ${DESTDIR}/etc; \
+ crontab master.passwd nsmb.conf opieaccess ${DESTDIR}/etc; \
pwd_mkdb -p -d ${DESTDIR}/etc ${DESTDIR}/etc/master.passwd
cd ${.CURDIR}/bluetooth; ${MAKE} install
cd ${.CURDIR}/defaults; ${MAKE} install
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-security/attachments/20040811/3ce5de85/attachment.bin
More information about the freebsd-security
mailing list