Date: Fri, 19 Jan 2001 11:37:40 -0700 From: Lyndon Nerenberg <lyndon@orthanc.ab.ca> To: mbac@mmap.nyct.net (Michael Bacarella) Cc: void <float@firedrake.org>, David Malone <dwmalone@maths.tcd.ie>, Peter Pentchev <roam@orbitel.bg>, hackers@FreeBSD.ORG Subject: Re: Permissions on crontab.. Message-ID: <200101191837.f0JIbex65641@orthanc.ab.ca> In-Reply-To: Your message of "Wed, 17 Jan 2001 20:43:00 EST." <20010117204300.A32417@mmap.nyct.net>
next in thread | previous in thread | raw e-mail | index | archive | help
>>>>> "Michael" == Michael Bacarella <mbac@mmap.nyct.net> writes:
Michael> Ideally, crontab wouldn't be suid/gid _anything_ and
Michael> users own their own crontab file, but perhaps I've said
Michael> too much. :)
Where, exactly, would you store the users crontab file?
It can't go in their home directory. Consider a machine with 10000
accounts, and all the home directories NFS mounted via amd. Imagine
what happens the first time cron scans for file modtimes. (Which it
has to do unless it has sole control over the users crontab file, which
it doesn't in this scenario.)
You can't use a 1777 directory, since that lets others DOS your
ability to create a crontab (even though the rogue file they dropped in
wouldn't be run by a reassonable cron).
I like the idea, but please show us a working design.
--lyndon
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200101191837.f0JIbex65641>