
system/3807: Enhancement to cron daemon



>Number:         3807
>Category:       system
>Synopsis:       cron will not use /etc/crontab which has mode 0400
>Confidential:   yes
>Severity:       non-critical
>Priority:       low
>Responsible:    bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Thu Jun 03 17:40:02 GMT 2004
>Closed-Date:
>Last-Modified:
>Originator:     Walt Howard
>Release:        cron 1.32, database.c 1.13
>Organization:
University of Alberta
>Environment:
	System      : OpenBSD 3.5
	Architecture: OpenBSD.sparc64
	Machine     : sparc64
>Description:
	At line 211 of database.c, the mode of a crontab file is checked to
	verify that it is 0600.  We shouldn't really care if it is
	owner-writable.  If /etc/crontab is managed with RCS, it won't be
	owner-writable.  So the test
	((statbuf->st_mode & 07777) != 0600)
	should instead be
	((statbuf->st_mode & 07577) != 0400)
>How-To-Repeat:
	Create /etc/crontab; chmod 0400 /etc/crontab
	Observe complaint about BAD FILE MODE in /var/cron/log.
>Fix:
	As above.  Mask out the owner-write bit in the test of file mode.


>Release-Note:
>Audit-Trail:
>Unformatted:
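The two mode tests quoted in the report, compared side by side. This is an added example, not part of the report and not code from cron's database.c. It enumerates all twelve mode bits to show exactly which modes each test accepts, then applies both tests to a real scratch file. The function names and the /tmp path template are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

typedef int (*mode_test)(mode_t);   /* returns nonzero for BAD FILE MODE */

/* Test quoted in the report: all twelve mode bits must equal 0600. */
static int current_rejects(mode_t m)  { return (m & 07777) != 0600; }
/* Test proposed in the report: mask out owner-write (0200), require 0400. */
static int proposed_rejects(mode_t m) { return (m & 07577) != 0400; }

/* Try every combination of the twelve mode bits; record those that pass. */
static int accepted_modes(mode_test rejects, mode_t *out, int cap)
{
    int n = 0;
    for (unsigned m = 0; m <= 07777; m++)
        if (!rejects((mode_t)m)) {
            if (n < cap) out[n] = (mode_t)m;
            n++;
        }
    return n;
}

/* chmod a scratch file (hypothetical path template), fstat it, apply the test.
 * Returns 1 if accepted, 0 if rejected, -1 on error. */
static int scratch_file_accepted(mode_t want, mode_test rejects)
{
    char path[] = "/tmp/crontab-mode-XXXXXX";
    struct stat sb;
    int fd = mkstemp(path), rc = -1;
    if (fd < 0) return -1;
    if (fchmod(fd, want) == 0 && fstat(fd, &sb) == 0)
        rc = !rejects(sb.st_mode);
    close(fd);
    unlink(path);
    return rc;
}

int main(void)
{
    mode_t ok[8];
    int n = accepted_modes(proposed_rejects, ok, 8);
    printf("proposed test accepts %d mode(s):", n);
    for (int i = 0; i < n && i < 8; i++) printf(" %04o", (unsigned)ok[i]);
    printf("\n0400 file: current=%d proposed=%d\n",
           scratch_file_accepted(0400, current_rejects),
           scratch_file_accepted(0400, proposed_rejects));
    return 0;
}
```

The enumeration shows that the proposed mask widens the accepted set only from 0600 to 0400 and 0600; any group or other permission bit, and any setuid, setgid or sticky bit, is still rejected.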