Hi all,
We just discovered the change of the 1000 lines limit, because we have some big crontab that are now broken. Our servers run multiple MySQL instances, that each runs many databases, the contab contains one line per database to dump once a day, so we have up to 4500 lines of legit command for a user. We tried to find a way to make it works, but we didn't found a secure one. (We don't want those cron jobs to be run by root) Currently we have downgraded the cron package to keep our prod working. The idea of the configurable limit in /etc/default/cron sounds very interesting to me (Maybe two different config for root ones and userland ones ?), it could allow the sysadmin to adapt the value for each use case. Did you have the time to take a look at it yet ? Or could you consider to raise the limit up to 5000 ? (I don't really see if a limit set to this value still protect from CVE-2019-9705 as it probably depends of the amount of memory available on the server) Any way, thank you all for the work on Debian project (even if this patch doesn't really fit my needs :D ) That's the first time i reply on a debian bug, so, sorry if didn't follow some "rules"... Maxime Feron OVH - DevOps databases
