Date: Wed, 17 Jan 2001 20:43:00 -0500 From: mbac@mmap.nyct.net (Michael Bacarella) To: void <float@firedrake.org> Cc: David Malone <dwmalone@maths.tcd.ie>, Peter Pentchev <roam@orbitel.bg>, hackers@FreeBSD.org Subject: Re: Permissions on crontab.. Message-ID: <20010117204300.A32417@mmap.nyct.net> In-Reply-To: <20010118010735.A21964@firedrake.org>; from float@firedrake.org on Thu, Jan 18, 2001 at 01:07:35AM %2B0000 References: <20010117123740.Q364@ringworld.oblivion.bg> <200101171045.aa30069@salmon.maths.tcd.ie> <20010118010735.A21964@firedrake.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Jan 18, 2001 at 01:07:35AM +0000, void wrote: > > True - but I'd say it provides a false sense of security, which > > might be more damaging than the extra security provided against > > read-only exploits in crontab. > > That's silly. Group tty can be leveraged to provide more privilege, > but that doesn't mean write(1) should be setuid root, or that having > write(1) setgid tty provides a false sense of security. > > I think that the proposed change would be a good idea, and that it's > consistent with write(1) and other uses of setgid. Ideally, crontab wouldn't be suid/gid _anything_ and users own their own crontab file, but perhaps I've said too much. :) -- Michael Bacarella <mbac@mmap.nyct.net> Technical Staff / New York Connect.Net, Ltd Daytime Phone: (212) 581-2831 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010117204300.A32417>