Re: [PATCH] Tighten /etc/crontab permissions

From: Xin LI (delphij_at_frontfree.net)
Date: 08/10/04

Next message: Garance A Drosihn: "Re: [PATCH] Tighten /etc/crontab permissions"

Previous message: Doug Barton: "Re: [PATCH] Tighten /etc/crontab permissions"
In reply to: Doug Barton: "Re: [PATCH] Tighten /etc/crontab permissions"
Next in thread: Garance A Drosihn: "Re: [PATCH] Tighten /etc/crontab permissions"
Reply: Garance A Drosihn: "Re: [PATCH] Tighten /etc/crontab permissions"
Reply: Jason Stone: "Re: [PATCH] Tighten /etc/crontab permissions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 11 Aug 2004 02:10:39 +0800
To: Doug Barton <DougB@FreeBSD.org>

Hi, Doug

On Tue, Aug 10, 2004 at 10:02:09AM -0700, Doug Barton wrote:
>
> On Wed, 11 Aug 2004, Xin LI wrote:
>
> >Hi folks,
> >
> >While investigating OpenBSD's cron implementation, I found that they set
> >the systemwide crontab (a.k.a. /etc/crontab) to be readable by the
> >superuser only. The attached patch will bring this to FreeBSD by moving
> >crontab out from BIN1 group and install it along with master.passwd.
>
> Do you have a reason for wanting to do this other than, "OpenBSD does it
> this way?" I personally see no problems, and some benefit for users
> being able to see the system crontab. If the superuser needs to run
> "secret" cron jobs, then there is root's crontab that can be used for
> this purpose.
>
> Can you elaborate on your thinking?

Well... This seems much more than "OpenBSD does it" to me :-)

On a system that all users plays good, it does not matter if other users
can see the crontab. However, if it gets compromised, chances that a
badly configured system, say, with some permissions badly granted, would
give the intruder a better chance to get more privilege if [s]he can read
the crontab, and I think this is one of the reasons why the per-user crontabs
are kept in /var/cron and without granting users to see each others'.

I'm not sure if this is a sort of abusing systemwide crontabs, but the
administrators at my company have used them to run some tasks periodly
under other identities (to limit these tasks' privilege), and it provided
a somewhat "centralized" management so they would prefer to use systemwide
crontab rather than per-user ones.

What do you think about the benefit for users being able to see the system
crontab? I think knowing what would be executed under others' identity
is (at least) not always a good thing, especially the users we generally
don't fully trust...

Cheers,

-- 
Xin LI <delphij frontfree net>	http://www.delphij.net/
See complete headers for GPG key and other information.

application/pgp-signature attachment: stored

Next message: Garance A Drosihn: "Re: [PATCH] Tighten /etc/crontab permissions"

Previous message: Doug Barton: "Re: [PATCH] Tighten /etc/crontab permissions"
In reply to: Doug Barton: "Re: [PATCH] Tighten /etc/crontab permissions"
Next in thread: Garance A Drosihn: "Re: [PATCH] Tighten /etc/crontab permissions"
Reply: Garance A Drosihn: "Re: [PATCH] Tighten /etc/crontab permissions"
Reply: Jason Stone: "Re: [PATCH] Tighten /etc/crontab permissions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]