First, try paragraphs! On Thursday 21 August 2003 13:51, Scott Jones wrote: > I never really have used cron but lately i have been trying to. I was > trying to get it to check my email hourly by putting an entry into the > cron.hourly directory. Well suffice to say it did not work. So i deleted > the file and
The /etc/cron.[daily,hourly,monthly,weekly] directories are use for system administrative stuff by convention. However, it should work anyway. > next i was trying to use crontab from my local user. I could > not so after much google searching I made a cron.allow file and added my > user to it. This still didnt work. I added my users name into the cron > entry in my /etc/groups file. Still no dice. To use cron as an unpriveleged user, that user must be in the cron group in /etc/group. Once that is done, logout and login again to update permissions, after which you can run "crontab -e" to edit your cron jobs. I think it's insane, but group membership only seems to be read at logon time. (somebody please correct me and/or tell me how to make it *always* read /etc/group!) The format for crontab can be found by running "man 5 crontab". > Finally i went and modifed > the privledges onthe executable now i can use crontab as a normal user, but > after more searching i found that there is a buffer overflow attack which > can allow a non root user to get root privledges. I am the only user of my > system so i am not to worried but i was wondering if someone more > knowledgeable could tell me if what i am doing is silly. I haven't touched the permissions on my /usr/bin/crontab or /usr/sbin/cron. The info you found on the buffer flow overflow should have been tied to specific version(s). Did you check if the version you have is vulnerable? I imagine it probably is not. Either way, the default permissions seem fine. > Should i just > figure a way to do everything i want to do with cron from root. I > personally am leaning toward figuring a way to do it just with root, > because i figure there is a reason why cron and crontab were installed with > the permissions they had. Your feedback is appreciated. I suggest re-emerging vcron (or whichever cron you're using), confirming you have correct permissions on /var/spool/cron/crontabs/* or perhaps just removing the /var/spool/cron directory before re-emerging vcron, and then using "crontab -e" to edit cron settings. Also, read "man 1 crontab" and 'man 1 cron'. Regards, Jason -- [EMAIL PROTECTED] mailing list
