[PATCH] Tighten /etc/crontab permissions
Doug Barton
DougB at FreeBSD.org
Tue Aug 10 10:02:11 PDT 2004
On Wed, 11 Aug 2004, Xin LI wrote:
> Hi folks,
>
> While investigating OpenBSD's cron implementation, I found that they set
> the systemwide crontab (a.k.a. /etc/crontab) to be readable by the
> superuser only. The attached patch will bring this to FreeBSD by moving
> crontab out from BIN1 group and install it along with master.passwd.
Do you have a reason for wanting to do this other than, "OpenBSD does it
this way?" I personally see no problems, and some benefit for users
being able to see the system crontab. If the superuser needs to run
"secret" cron jobs, then there is root's crontab that can be used for
this purpose.
Can you elaborate on your thinking?
Doug
--
This .signature sanitized for your protection
More information about the freebsd-security
mailing list