What of cron?
Posted Jul 13, 2006 19:31 UTC (Thu) by hppnq
In reply to: What of cron?
Parent article: Denial of reality vulnerabilities
I just didn't investigate whether cron works as designed in that case.
Yup, it does. So also in the /etc/cron.d case, a cracker would at least need to be able to manipulate the core dump's filename as well. Which requires root privileges on my system.
Again, this bug is trivially exploitable. But not by just dumping core in /etc/cron.d.
to post comments)