
What of cron?

Posted Jul 13, 2006 19:31 UTC (Thu) by hppnq (guest, #14462)
In reply to: What of cron? by hppnq
Parent article: Denial of reality vulnerabilities

I just didn't investigate whether cron works as designed in that case.

Yup, it does. So also in the /etc/cron.d case, a cracker would at least need to be able to manipulate the core dump's filename as well. Which requires root privileges on my system.

Again, this bug is trivially exploitable. But not by just dumping core in /etc/cron.d.


What of cron?

Posted Jul 14, 2006 5:23 UTC (Fri) by hppnq (guest, #14462)

[Nice, my own thread.]

Well, investigating a bit more turns up that indeed, dumping core in /etc/cron.d is sufficient: cron really doesn't care at all what files are called in /etc/cron.d. OMG. OMG. OMG. Jon, you were right as always.

(But really, cron's security model is *unbelievably* stupid.)
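
A defensive check for the situation discussed in this thread (a core dump ending up in /etc/cron.d), as an added example that is not part of the original comments: it flags entries in a cron directory that are ELF core files, are not owned by the expected user, or are group/world writable. The function names, finding labels and the two sample files are assumptions constructed for illustration.

```python
import os
import stat
import struct
import tempfile
from pathlib import Path

ELF_MAGIC = b"\x7fELF"
ET_CORE = 4  # e_type value that marks a core file in the ELF header

def is_elf_core(path):
    """True if the file starts with an ELF header whose e_type is ET_CORE."""
    with open(path, "rb") as fh:
        head = fh.read(18)  # 16-byte e_ident followed by 2-byte e_type
    if len(head) < 18 or head[:4] != ELF_MAGIC:
        return False
    fmt = {1: "<H", 2: ">H"}.get(head[5])  # EI_DATA: 1 = little, 2 = big endian
    return fmt is not None and struct.unpack(fmt, head[16:18])[0] == ET_CORE

def audit_cron_dir(directory, expected_uid=0):
    """Return (name, finding) pairs for suspicious entries in a cron directory."""
    findings = []
    for p in sorted(Path(directory).iterdir()):
        st = p.lstat()  # lstat so a symlink is reported, not followed
        if not stat.S_ISREG(st.st_mode):
            findings.append((p.name, "not a regular file"))
            continue
        if st.st_uid != expected_uid:
            findings.append((p.name, "unexpected owner"))
        if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
            findings.append((p.name, "group/world writable"))
        if is_elf_core(p):
            findings.append((p.name, "ELF core dump"))
    return findings

def demo():
    """Constructed samples: a crontab fragment and a minimal fake ELF core header."""
    samples = {
        "logrotate": b"0 3 * * * root /usr/sbin/logrotate /etc/logrotate.conf\n",
        "core": ELF_MAGIC + b"\x02\x01\x01" + b"\x00" * 9 + struct.pack("<H", ET_CORE),
    }
    with tempfile.TemporaryDirectory() as d:
        for name, data in samples.items():
            p = Path(d, name)
            p.write_bytes(data)
            p.chmod(0o644)
        return audit_cron_dir(d, expected_uid=os.geteuid())

if __name__ == "__main__":
    print(demo())
```

On a real host the call would be `audit_cron_dir("/etc/cron.d")`, run as root so every file is readable.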

What of cron?

Posted Jul 19, 2006 7:25 UTC (Wed) by hein.zelle (guest, #33324)

Has this behaviour of cron led to any separate security advisories / fixes yet?
