diff options
| author | Todd C. Miller <millert@cvs.openbsd.org> | 2002-05-09 21:22:02 +0000 |
|---|---|---|
| committer | Todd C. Miller <millert@cvs.openbsd.org> | 2002-05-09 21:22:02 +0000 |
| commit | 124d0347b10f2c64912889fab1379f308b796911 (patch) | |
| tree | 1f009cb40f170648cc70571d89992e375b0fbf94 /usr.sbin/cron/database.c | |
| parent | 0fcf09b27f6901580349da84181cdf8f92d74a8c (diff) | |
crontab is no longer setuid root, it is now setgid crontab.
These changes were modelled after the Owl version of vixie-cron,
but developed independently.
Our crontab used to send cron SIGUSR1 to tell cron to reread the
spool dir. Now that crontab is not setuid root this doesn't work.
Instead, crontab pokes cron via a Unix domain socket located in the
tabs dir.
Please note, after these changes, the owner on user crontab files
will have to be changed manually from root to the uid of the
corresponding user for crontab to be usable. cron itself will accept
tab files owned by either root or the user.
Also, any /var/cron/{allow,deny} files must be readable by group crontab.
Diffstat (limited to 'usr.sbin/cron/database.c')
| -rw-r--r-- | usr.sbin/cron/database.c | 22 |
1 files changed, 19 insertions, 3 deletions
diff --git a/usr.sbin/cron/database.c b/usr.sbin/cron/database.c index 7fec60661c5..d575465ddc6 100644 --- a/usr.sbin/cron/database.c +++ b/usr.sbin/cron/database.c @@ -1,4 +1,4 @@ -/* $OpenBSD: database.c,v 1.5 2001/02/18 19:48:33 millert Exp $ */ +/* $OpenBSD: database.c,v 1.6 2002/05/09 21:22:01 millert Exp $ */ /* Copyright 1988,1990,1993,1994 by Paul Vixie * All rights reserved */ @@ -21,7 +21,7 @@ */ #if !defined(lint) && !defined(LINT) -static char rcsid[] = "$OpenBSD: database.c,v 1.5 2001/02/18 19:48:33 millert Exp $"; +static char rcsid[] = "$OpenBSD: database.c,v 1.6 2002/05/09 21:22:01 millert Exp $"; #endif /* vix 26jan87 [RCS has the log] @@ -190,7 +190,7 @@ process_crontab(const char *uname, const char *fname, const char *tabname, goto next_crontab; } - if ((crontab_fd = open(tabname, O_RDONLY, 0)) < OK) { + if ((crontab_fd = open(tabname, O_RDONLY|O_NONBLOCK|O_NOFOLLOW, 0)) < OK) { /* crontab not accessible? */ log_it(fname, getpid(), "CAN'T OPEN", tabname); @@ -201,6 +201,22 @@ process_crontab(const char *uname, const char *fname, const char *tabname, log_it(fname, getpid(), "FSTAT FAILED", tabname); goto next_crontab; } + if (!S_ISREG(statbuf->st_mode)) { + log_it(fname, getpid(), "NOT REGULAR", tabname); + goto next_crontab; + } + if ((statbuf->st_mode & 07777) != 0600) { + log_it(fname, getpid(), "BAD FILE MODE", tabname); + goto next_crontab; + } + if (statbuf->st_uid != 0 && pw && statbuf->st_uid != pw->pw_uid) { + log_it(fname, getpid(), "WRONG FILE OWNER", tabname); + goto next_crontab; + } + if (statbuf->st_nlink != 1) { + log_it(fname, getpid(), "BAD LINK COUNT", tabname); + goto next_crontab; + } Debug(DLOAD, ("\t%s:", fname)) u = find_user(old_db, fname); |