What of cron?
Posted Jul 13, 2006 14:39 UTC (Thu) by droundy
In reply to: What of cron?
Parent article: Denial of reality vulnerabilities
Cron is a trivial example, but there are plenty of programs that execute scripts located in particular directories of /etc (although perhaps not so often), so a bug that allows users to dump files in directories where they have no permissions I would say is inherently a priviledge escalation bug.
Yes, cron could be more careful, but on the other hand, relying on unix permissions to restrict users doesn't seem like an inherent security flaw.
to post comments)