tech-security: cron (was Re: BSD auth for NetBSD)

Subject: cron (was Re: BSD auth for NetBSD)
To: None <tech-userlevel@NetBSD.ORG>
From: Jeremy C. Reed <reed@reedmedia.net>
List: tech-security
Date: 09/13/2003 19:22:20

> -r-sr-xr-x  4 root  wheel   23284 Sep  6 21:30 /usr/bin/at
> -r-sr-xr-x  4 root  wheel   23284 Sep  6 21:30 /usr/bin/atq
> -r-sr-xr-x  4 root  wheel   23284 Sep  6 21:30 /usr/bin/atrm
> -r-sr-xr-x  4 root  wheel   23284 Sep  6 21:30 /usr/bin/batch

> -r-sr-xr-x  1 root  wheel   24048 Sep  6 21:30 /usr/bin/crontab

These are easy fixes (and not related to any authentication as far as I
know).

Has there been any discussion on getting rid of setuid root and just using
setgid of cron-specific group? (And making the cron tabs directory
writable by that group.)

   Jeremy C. Reed
   http://bsd.reedmedia.net/