Package: cron
Version: 3.0pl1-104
Severity: grave

When in enforcing mode it would be a serious security hole if a cron job was launched without setting the security context - this would be exactly analogous to forgetting to call setgid() and setuid() before launching a cron job.
The current version has code in do_command.c to skip the check if for some reason the security context is not set. One way that this might happen is if cron is started while the machine is in permissive mode and the machine is set to enforcing mode while cron is running. Of course fixing this issue with cron won't address the issue of a cron job that is already running. Also there's the issue of code bugs. It would be good if a bug in one section of code which results in a field not being filled in would not result in inappropriate privileges being granted in another section.

The following patch fixes this.

diff -ru /tmp/cron-3.0pl1.orig/do_command.c ./do_command.c
--- /tmp/cron-3.0pl1.orig/do_command.c 2008-09-19 22:59:45.000000000 +1000
+++ ./do_command.c 2008-09-20 14:51:21.000000000 +1000
@@ -331,13 +331,20 @@
 fprintf(stdout,"error");
 #endif
 #ifdef WITH_SELINUX
- if ((is_selinux_enabled() > 0) && (u->scontext != 0L)) {
- if (setexeccon(u->scontext) < 0) {
- if (security_getenforce() > 0) {
- fprintf(stderr, "Could not set exec context to %s for user %s\n", u->scontext,u->name);
- _exit(ERROR_EXIT);
- }
+ if (is_selinux_enabled() > 0) {
+ if (u->scontext != 0L) {
+ if (setexeccon(u->scontext) < 0) {
+ if (security_getenforce() > 0) {
+ fprintf(stderr, "Could not set exec context to %s for user %s\n", u->scontext,u->name);
+ _exit(ERROR_EXIT);
+ }
+ }
 }
+ else if(security_getenforce() > 0)
+ {
+ fprintf(stderr, "Error, must have a security context for the cron job when in enforcing mode.\nUser %s.\n", u->name);
+ _exit(ERROR_EXIT);
+ }
 }
 #endif
 execle(shell, shell, "-c", e->cmd, (char *)0, jobenv);
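Review bot: the new else branch aborts only when security_getenforce() > 0, so in permissive mode a job whose u->scontext was never filled in still runs in cron's own context with nothing logged, and a security_getenforce() failure (it returns -1 on error) is treated the same as permissive, both in the new branch and in the pre-existing setexeccon() failure path it mirrors. Consider logging the missing context regardless of mode and treating a getenforce error as enforcing, so the check fails closed. Minor: the new message is split over two lines ("...when in enforcing mode.\nUser %s.\n") while the existing one is a single line naming context and user, and `else if(security_getenforce() > 0)` puts its brace on its own line unlike the surrounding code; matching the existing message and brace style would keep the log output greppable.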
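The fail-open behaviour the report describes, and what the patch changes, can be checked without an SELinux machine by modelling the decision in do_command.c as a pure function. The following is an added example, not code from the bug report or from the cron source: the results of is_selinux_enabled(), setexeccon() and security_getenforce() are passed in as parameters (struct selinux_state is this example's own name), and a third, fail-closed variant goes beyond the patch by treating a security_getenforce() error as enforcing and logging a missing context in permissive mode too.

```c
/* Added example, not part of the bug report or of cron: a model of the exec
 * context decision in do_command.c before and after the patch, with the
 * libselinux results injected so the logic runs without SELinux. */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

enum decision { RUN_JOB = 0, ABORT_JOB = 1 };

/* What libselinux would report for one job launch (names are this example's).
 * enforce follows security_getenforce(): 1 enforcing, 0 permissive, -1 error. */
struct selinux_state {
    int selinux_enabled;   /* is_selinux_enabled() */
    const char *scontext;  /* u->scontext, NULL if the field was never filled in */
    int setexeccon_rc;     /* setexeccon() result: 0 ok, -1 failure */
    int enforce;           /* security_getenforce() result */
};

/* Original logic: the whole block is skipped when scontext is NULL, so the
 * job is exec'd in cron's own context even in enforcing mode. */
static enum decision decide_original(const struct selinux_state *s)
{
    if (s->selinux_enabled > 0 && s->scontext != NULL) {
        if (s->setexeccon_rc < 0 && s->enforce > 0)
            return ABORT_JOB;
    }
    return RUN_JOB;
}

/* Patched logic: a NULL scontext aborts the job, but only in enforcing mode,
 * and a getenforce error (-1) is still treated like permissive. */
static enum decision decide_patched(const struct selinux_state *s)
{
    if (s->selinux_enabled > 0) {
        if (s->scontext != NULL) {
            if (s->setexeccon_rc < 0 && s->enforce > 0)
                return ABORT_JOB;
        } else if (s->enforce > 0) {
            return ABORT_JOB;
        }
    }
    return RUN_JOB;
}

/* Fail-closed variant (an assumption of this example, not proposed on the
 * page): any non-zero getenforce result, including -1, is treated as
 * enforcing, and a missing context is logged even when permissive. */
static enum decision decide_fail_closed(const struct selinux_state *s)
{
    if (s->selinux_enabled <= 0)
        return RUN_JOB;
    bool enforcing = (s->enforce != 0);
    if (s->scontext == NULL) {
        fprintf(stderr, "no security context for cron job (%s)\n",
                enforcing ? "aborting" : "permissive, continuing");
        return enforcing ? ABORT_JOB : RUN_JOB;
    }
    if (s->setexeccon_rc < 0) {
        fprintf(stderr, "setexeccon(%s) failed (%s)\n", s->scontext,
                enforcing ? "aborting" : "permissive, continuing");
        return enforcing ? ABORT_JOB : RUN_JOB;
    }
    return RUN_JOB;
}

int main(void)
{
    /* The scenario from the report: cron started in permissive mode, so
     * scontext was never set, then the machine was switched to enforcing. */
    struct selinux_state missing_ctx = { 1, NULL, 0, 1 };
    printf("original: %s\n", decide_original(&missing_ctx) == RUN_JOB
           ? "job runs in cron's own context" : "job aborted");
    printf("patched:  %s\n", decide_patched(&missing_ctx) == RUN_JOB
           ? "job runs" : "job aborted");
    return 0;
}
```

The interesting row is the one the patch does not change: with scontext NULL and security_getenforce() returning -1, both the original and the patched code run the job, which is the case the fail-closed variant refuses.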