LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

vixie-cron: privilege escalation

vixie-cron: privilege escalation

Posted Jul 22, 2006 19:48 UTC (Sat) by jfs (subscriber, #7140)
Parent article: vixie-cron: privilege escalation

I was surprised to see that this was fixed in Debian (before I go to maintain the cron package) as it was done by the previous maintainer (Steve Greenland) over 5 years ago! See http://svn.debian.org/wsvn/pkg-cron/trunk/?rev=153&sc=1

OpenBSD (on which OpenWall Linux is based on) fixed this (only :) 2 years ago, http://www.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/cron/d... but FreeBSD only did so recently: http://www.freebsd.org/cgi/cvsweb.cgi/src/usr.sbin/cron/c...
and so did NetBSD: http://cvsweb.netbsd.org/bsdweb.cgi/src/usr.sbin/cron/do_...

Since Paul Vixie's cron is such a heavily-used package (by most GNU/Linux and BSD operating systems) and there's lots of patches and improvements from different vendors I wonder if all the cron maintainers should get together in order to do a proper review of what other's have patched and try to get an improved (and common) codebase.

(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds