Date: Wed, 17 Jan 2001 12:37:41 +0200
From: Peter Pentchev
To: David Malone
Cc: mbac@mmap.nyct.net, hackers@FreeBSD.org
Subject: Re: Permissions on crontab..
Message-ID: <20010117123740.Q364@ringworld.oblivion.bg>
References: <20010117001842.A28301@mmap.nyct.net> <20010117102822.B25338@walton.maths.tcd.ie>
In-Reply-To: <20010117102822.B25338@walton.maths.tcd.ie>; from dwmalone@maths.tcd.ie on Wed, Jan 17, 2001 at 10:28:22AM +0000

On Wed, Jan 17, 2001 at 10:28:22AM +0000, David Malone wrote:
> On Wed, Jan 17, 2001 at 12:18:42AM -0500, mbac@mmap.nyct.net wrote:
> > > Why is crontab suid root?
> >
> > I say to myself "To update /var/cron/tabs/ and to signal cron".
> >
> > Could crontab run suid 'cron'?
> >
> > If those are the only two things it needs to do, run cron as
> > gid 'cron' and make /var/cron/tabs/ group writable by 'cron'.
>
> I'm not sure how much this would help. Being able to write arbitrary
> crontabs is equivalent to root access. Making a user or group who
> can write cron jobs is almost equivalent to adding a second root
> user. It would probably be better to spend the time looking at the
> crontab source code for risky bits of code.
>
> (I guess it provides some protection in the case where you are
> making the crontab user read files it shouldn't. If you can make
> it write files it shouldn't then you're getting into the root
> equivalent area).

Currently crontab only allows you to change others' files if you specify
the -u option, which in turn is only allowed if you already are the superuser.
..or did you mean some kind of unintended/faulty behavior?

Yes, running crontab setgid does open a window of opportunity for errors,
but no more, I think, than running it setuid, as it currently is.

G'luck,
Peter

-- 
Hey, out there - is it *you* reading me, or is it someone else?
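
An added example, not part of the thread and not FreeBSD's own code: a Python check that compares the identity crontab gains at exec time with who can write the spool directory, covering the setuid-root and setgid 'cron' layouts discussed above. The /usr/bin/crontab path is an assumption; /var/cron/tabs is the directory named in the thread.

```python
import os
import stat

def exec_identity(mode, uid, gid):
    """Identities a binary with these attributes gains at exec time."""
    gained = []
    if mode & stat.S_ISUID:
        gained.append(("uid", uid))
    if mode & stat.S_ISGID:
        gained.append(("gid", gid))
    return gained

def spool_writers(mode, uid, gid):
    """Principals that can create or replace files in a directory."""
    writers = []
    if mode & stat.S_IWUSR:
        writers.append(("uid", uid))
    if mode & stat.S_IWGRP:
        writers.append(("gid", gid))
    if mode & stat.S_IWOTH:
        writers.append(("other", None))
    return writers

def review(bin_attrs, spool_attrs):
    """Each argument is a (mode, uid, gid) tuple; returns a list of findings."""
    gained = exec_identity(*bin_attrs)
    findings = []
    for kind, ident in spool_writers(*spool_attrs):
        if (kind, ident) == ("uid", 0):
            continue  # root can always write the spool; not a finding
        if kind == "other":
            findings.append("spool is world-writable: any user can install any crontab")
        elif (kind, ident) in gained:
            findings.append(f"{kind} {ident} is crontab's exec identity and can write "
                            "the spool: a flaw in crontab exposes every user's crontab")
        else:
            findings.append(f"{kind} {ident} can write the spool without going through crontab")
    if ("uid", 0) in gained:
        findings.append("crontab runs setuid root: a flaw in it yields root directly")
    return findings

def stat_attrs(path):
    st = os.stat(path)
    return (st.st_mode, st.st_uid, st.st_gid)

if __name__ == "__main__":
    # Assumed binary path; spool path as given in the thread.
    for line in review(stat_attrs("/usr/bin/crontab"), stat_attrs("/var/cron/tabs")):
        print(line)
```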