[Bug 185531] Review Request: fcron, a task scheduler

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.

Summary: Review Request: fcron, a task scheduler


https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=185531





------- Additional Comments From pertusus@xxxxxxx  2006-03-18 17:11 EST -------
(In reply to comment #13)

> Yes, I guess it wouldn't be a real security risk if /etc/fcron.* files were 
> 644. It is good to limit as much as possible the amount of information an 
> attacker has, but in this case we may remove the suid bits from fcrondyn if we 
> allow every one to read the /etc/fcron.*. However please note that fcrondyn 
> does drop its setuid rights as soon as it does not need them anymore, which 
> limits the potential harm.

In fact I believe that both sides have pros and cons (information leak versus a
possibility of doing something unwanted as the fcron user). It seems to me that
in the fedora rpm the config files should be 0644 and fcrondyn not setuid fcron,
as it is how it is done in the whole distro. Alain, what do you think about that?

> I'm not sure I understand you ... do you mean "why a non priviledged user
> could not send a signal to fcron daemon?"
> In this case, you should know that a user can only send a signal to one of its 
> processes. This implies that fcronsighup has to be root (or have root rights) 
> to send a signal to fcron daemon which is run by root.

I understand perfectly the issue, what I was saying is that the only
unpriviledged user that should be allowed to send this signal to fcron should be
 the fcron user.

What about having fcronsighup with the following rights:
-rwsr-x--- root  fcron
or
-rwsr-xr-- root  fcron

> Actually the best way to do it would be to use dnotify (or inotify) to be 
> informed by the kernel itself about changes in /var/spool/fcron instead of 
> relying on fcronsighup. This is on the to-do list, but not done yet ... if 
> anyone wants to have a go, please do ;)

I can only say that seems seems the best way to go, at least much better than
what I proposed ;-)

> fcron runs the job with the user rights of the owner of the job. It has to be 
> root to be able to change its rights to user's ones.

Ok, so if the user wants only to run his jobs, then he can run it, so it should
be executable by anyone.


-- 
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug, or are watching the QA contact.

-- 
fedora-extras-list mailing list
fedora-extras-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-extras-list

[Index of Archives]     [Fedora General Discussion]     [Fedora Art]     [Fedora Docs]     [Fedora Package Review]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite Backpacking]     [KDE Users]

  Powered by Linux