User: Password:
|
|
Subscribe / Log in / New account

What of cron?

What of cron?

Posted Jul 13, 2006 18:11 UTC (Thu) by corbet (editor, #1)
In reply to: What of cron? by hppnq
Parent article: Denial of reality vulnerabilities

/etc/cron.d is a very different place, it has nothing to do with per-user crontabs at all.


(Log in to post comments)

What of cron?

Posted Jul 13, 2006 18:26 UTC (Thu) by hppnq (guest, #14462) [Link]

Yes, that's what I meant. I just didn't investigate whether cron works as designed in that case. ;-)

(By the way, I did not mean to make the problem look any less serious than it is, though. Patch!)

What of cron?

Posted Jul 13, 2006 19:31 UTC (Thu) by hppnq (guest, #14462) [Link]

I just didn't investigate whether cron works as designed in that case.

Yup, it does. So also in the /etc/cron.d case, a cracker would at least need to be able to manipulate the core dump's filename as well. Which requires root privileges on my system.

Again, this bug is trivially exploitable. But not by just dumping core in /etc/cron.d.

What of cron?

Posted Jul 14, 2006 5:23 UTC (Fri) by hppnq (guest, #14462) [Link]

[Nice, my own thread.]

Well, investigating a bit more turns up that indeed, dumping core in /etc/cron.d is sufficient: cron really doesn't care at all what files are called in /etc/cron.d. OMG. OMG. OMG. Jon, you were right as always.

(But really, cron's security model is *unbelievably* stupid.)

What of cron?

Posted Jul 19, 2006 7:25 UTC (Wed) by hein.zelle (guest, #33324) [Link]

Has this behaviour of cron led to any separate security advisories / fixes yet?


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds