This bug was fixed in the package cron - 3.0pl1-133ubuntu1
---
cron (3.0pl1-133ubuntu1) eoan; urgency=low
* Merge from Debian unstable. Remaining changes:
- debian/control:
+ Move MTA to Suggests field.
- d/cron.default: change to a deprecated message to make it clear
** Changed in: cron (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1813833
Title:
User without read permission on cron.allow can execute crontab
To m
Hello Brandon,
I wasn't able to use an untrusted user account to induce this behaviour.
So, I'm making this bug public so that more people can be made aware of
the misconfiguration that is being encouraged.
It's unfortunate that the providers of this advice never actually tested
it themselves.
I
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1813833
Title:
User without read permission on cron.allow can execute crontab
To m