[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: AW: [cobalt-users] server-wide cron-folder
- Subject: Re: AW: [cobalt-users] server-wide cron-folder
- From: "Colin J. Raven" <cjraven@xxxxxxxxxxx>
- Date: Sat Feb 10 12:06:01 2001
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
> >
> > That sounds like a major security whole if you ask me... Because all the
> > scripts would be run as root.
>
> so it´s not possible to run it as `normal´ user?
A user with shell access can start a file (let's call it "myfirstcron" and
stick some entries in there. Now I don't know how you feel about giving
users a shell account, but that's another subject. :-)
Now the user gets their "myfirstcron" file up to snuff, then simply does
a:
[colin@sheepdip]:~/timer$ crontab myfirstcron
To get the contents of yourcrontab, simply do a:
[colin@sheepdip]:~/timer$ crontab -l
If whacked out stuff starts to happen and you need to kill the whole thing
in a big hurry do a:
[colin@sheepdip]:~/timer$ crontab -r
I'd agree without reservation, that it would be a very VERY "Bad Thing"
for any user to have *any* access to system-wide cron files. Not even so
much as read access IMHO. This is what crontab is for, they can do their
own stuff without screwing up your carefully crafted system files. However
as a matter of prudence, watch what they are running, and kill the process
as well as their crontab itself if they start slurping up system
resources.
Regards,
Colin
--
Colin J. Raven
Linux Registered User #82296
2:38pm up 1:32, 2 users, load average: 0.00, 0.00, 0.00