[6111] in bugtraq
Re: [linux-security] vixie cron 3.0.1 continued
daemon@ATHENA.MIT.EDU (Cristian Gafton)
Wed Feb 11 11:31:17 1998
Date: Wed, 11 Feb 1998 04:19:29 -0500
Reply-To: Cristian Gafton <gafton@REDHAT.COM>
From: Cristian Gafton <gafton@REDHAT.COM>
X-To: Linux Security <linux-security@redhat.com>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <01bd3251$63f9d8a0$LocalHost@LCAMTUF>
On Thu, 5 Feb 1998, [UNKNOWN-8BIT] Micha=B3 Zalewski wrote:
> The problem with vixie cron is wider (and more funny) than I expected=
.
> Here's my proggy which allows hiding files of any kind and size into
> crontab entries (remember, quota is ignored ;-):
This problem can be easily corrected, at least on Red Hat Linux systems=
,
were every user have it's own group. vixie cron will install the cronta=
b
file with ownership root.usergroup.
Installing group quotas for the partiotion /var/spool/cron resides on w=
ill
solve the problem.
I don't know about other linux systems, but at least on Red Hat the
user-hroup scheme is proving to be useful in this case :-)
Best wishes,
Cristian
--
----------------------------------------------------------------------
Cristian Gafton -- gafton@redhat.com -- Red Hat Software, Inc.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
UNIX is user friendly. It's just selective about who its friends are.
