El Lunes, 11 de Septiembre de 2006 18:44, Steve Berg escribió: > > If that were true then the user could run the damaging process anytime > they wished since cron will execute a user's crontab with that user's > permissions. On systems I work with cron is available to any user on a > fresh install. > -- I wanna mean that it's not a good idea to allow system accounts to access crontab. Of course that users are allow or should be allow in mostle scenaries to use cron, cause they are only allow to run scripts with users permissions, that's clear for all. IMHO if for instance apache user or nobody one is able to set up tasks on crontab, you're box is on risk, isn't it? By the way, if some one get access to your server using an apache bug or whatever, you're in trouble. it's just an opinion, maybe i'm too paranoic with system security, could be. Cheers. -- Manuel Arostegui Ramirez. Electronic Mail is not secure, may not be read every day, and should not be used for urgent or sensitive issues. -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
