Date: Mon, 16 Dec 1996 16:09:10 -0500 (EST) From: Andrew Y Ng <ayn@rocket.Ngbert.org> To: Dmitry Valdov <dv@kis.ru> Cc: freebsd-bugs@freebsd.org, freebsd-security@freebsd.org Subject: Re: crontab security hole Message-ID: <Pine.BSI.3.95.961216160824.20696A-100000@rocket.Ngbert.org> In-Reply-To: <Pine.FBSD.3.95.961216110312.12040B-100000@xkis.kis.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- well, just disallow certain "dangerous" user for setting up cron jobs. or just allow some "good" users to setup cron jobs... :) /ayn On Mon, 16 Dec 1996, Dmitry Valdov wrote: > Are there any fixes for crontab? I've exploit which allow any user to become > root using crontab security hole. -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBMrW6dJ6qvWJYgw1hAQHk9QP5AamfF/IA2HUuHqfewPk/sbJ2H0OR+964 b9LLoTgEY+siLSIXXi3lvJWBBgqe5rW//MbNR+ZDoV+3BKkW9aZV+IWqcZQh4VH1 KZ2DcXt8ybcFWSJXTpwtamTCYiYIHP1e5WLqhCvilPvXvY4S9s3FA3QSoypMp4R+ YKxVNFkV1aY= =ju8p -----END PGP SIGNATURE----- -- Andrew Y Ng <ayn@CMU.EDU> | Carnegie Mellon University http://andrew.Ngbert.org | ECE major, Music minor campus ph: 412/862-2836 | voice mail: 412/268-6700 x30027 | talk: finger ayn@andrew.Ngbert.org * NGBERT.ORG! * | for online status http://www.Ngbert.org | finger ayn@CMU.EDU for more info... --------------------------X------------------------------------- NetBSD FreeBSD Linux NeXT Be Solaris !windoze . Check three friends. If they're OK, you're it.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSI.3.95.961216160824.20696A-100000>