Re: [PATCH] Tighten /etc/crontab permissions
From: Jason Stone (freebsd-security_at_dfmm.org)
Date: Tue, 10 Aug 2004 13:17:14 -0700 (PDT) To: "freebsd-security@FreeBSD.org" <freebsd-security@FreeBSD.org>
-----BEGIN PGP SIGNED MESSAGE-----
> What do you think about the benefit for users being able to see the
> system crontab? I think knowing what would be executed under others'
> identity is (at least) not always a good thing, especially the users we
> generally don't fully trust...
so do you also suggest that we default to setting the sysctl variables
that prevent users from seeing each others processes with ps(1)?
because to me, if you want to be hard core, that seems like a much more
obvious place to start - who cares that I can read crontab if I can run ps
and see _all_ the other processes on the system, not just the ones in
the default install has to strike the right balance of security out of the
box and usability out of the box, and it's sometimes unclear what are the
right choices. but even if you want to err on the side of security, you
still have to think about things logically, and think of what exactly
you're protecting and from whom. if users shouldn't be able to see each
others' processes, then you should address that from a more systemic level
and not just try to tack on little security annoyances.
if you want to say that users shouldn't be able to see each other, then
think about all the ways that users can see each other - reading each
others' files, seeing each others' process with ps or in /proc, seeing
what network ports other users have bound with sockstat or lsof - then
decide which are the important things to lock down, which ones are easy
and which ones are not worth it, and come up with a more comprehensive
I wouldn't object to a general, high-level security option to prevent
users from seeing each other, but only changing the permissions on crontab
doesn't buy you any real security, it just creates annoyances.
Freud himself was a bit of a cold fish, and one cannot avoid the suspicion
that he was insufficiently fondled when he was an infant.
-- Ashley Montagu
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (FreeBSD)
Comment: See https://private.idealab.com/public/jason/jason.gpg
-----END PGP SIGNATURE-----
firstname.lastname@example.org mailing list
To unsubscribe, send any mail to "email@example.com"