Dear cron maintainer,

Some systemd-cron users have discovered that the crontab program shipped
with systemd-cron can't work for users != root because it is a Python script
and the setgid bit has no effect on these.

I'm myself a newbie in the upstream team, and the two other upstreams
which have already agreed to relicense and let me merge their respective
(half-)projects are not interested in messing with a setgid C program that
can be a security hole.

The easiest & safest solution for me is to ask you to generate an extra 
standalone 'crontab' package at the end of your build.

Here is a sample git tree:
https://github.com/a-detiste/crontab/commit/37ce687a58187d3cce610b28c1fad47854576584

This may not cleanly apply on top of
http://anonscm.debian.org/cgit/pkg-cron/pkg-cron.git ,
because this repository is not up-to-date and doesn't include the NMUs.
I added Ansgar in CC, as he may know.

PS: please forgive me for using your quote here :-)
http://users.teledisnet.be/ade15809/cron-daemon.html

Alexandre Detiste


On Monday 20 October 2014, 15:35:46 Yuri D'Elia wrote:
> On 10/20/2014 03:23 PM, Alexandre Detiste wrote:
> > Hi, 
> > 
> > I have already discussed this bug with the two other upstreams:
> > https://github.com/systemd-cron/systemd-cron/issues/15
> > 
> > They don't really want to mess with a setuid C program that is a potential 
> > security hole.
> > 
> > 
> 
> Splitting crontab into a separate package would definitely be the way to
> go IMHO. It's true that we don't really need another implementation, and
> the proposed work-arounds are not good enough.
> 
> Did you already ask the cron maintainers if such a patch will be accepted?
