tech-userlevel: Re: cron (was Re: BSD auth for NetBSD)

Subject: Re: cron (was Re: BSD auth for NetBSD)
To: None <tech-userlevel@NetBSD.org>
From: Steven M. Bellovin <smb@research.att.com>
List: tech-userlevel
Date: 09/13/2003 22:28:19

In message <Pine.LNX.4.43.0309131918410.12784-100000@pilchuck.reedmedia.net>, "
Jeremy C. Reed" writes:
>> -r-sr-xr-x  4 root  wheel   23284 Sep  6 21:30 /usr/bin/at
>> -r-sr-xr-x  4 root  wheel   23284 Sep  6 21:30 /usr/bin/atq
>> -r-sr-xr-x  4 root  wheel   23284 Sep  6 21:30 /usr/bin/atrm
>> -r-sr-xr-x  4 root  wheel   23284 Sep  6 21:30 /usr/bin/batch
>
>> -r-sr-xr-x  1 root  wheel   24048 Sep  6 21:30 /usr/bin/crontab
>
>These are easy fixes (and not related to any authentication as far as I
>know).
>
>Has there been any discussion on getting rid of setuid root and just using
>setgid of cron-specific group? (And making the cron tabs directory
>writable by that group.)
>

That's a distinction without a difference, since a subverted crontab 
could rewrite root's file, which would be executed as root by crond.


		--Steve Bellovin, http://www.research.att.com/~smb