From 499d0f0cb7d5052e362242fc682568b9a82246fb Mon Sep 17 00:00:00 2001
From: "Todd C. Miller"
Date: Wed, 28 Mar 2007 16:49:26 +0000
Subject: Since /etc/crontab is not edited via crontab(1) there's no good reason to require its mode to be be 0400 or to bail if the link count is != 1. The reason for such paranoia all has to do with crontab(1) and editing user crontab files. We now only require that /etc/crontab not be writable by anyone other than the owner. OK deraadt@ ajacoutot@ jmc@
---
 usr.sbin/cron/cron.8 | 17 +++++++----------
 usr.sbin/cron/database.c | 13 ++++++++-----
 2 files changed, 15 insertions(+), 15 deletions(-)
(limited to 'usr.sbin')
diff --git a/usr.sbin/cron/cron.8 b/usr.sbin/cron/cron.8
index cf39eda89f5..2af248d47a4 100644
--- a/usr.sbin/cron/cron.8
+++ b/usr.sbin/cron/cron.8
@@ -17,7 +17,7 @@
 .\" Agency (DARPA) and Air Force Research Laboratory, Air Force
 .\" Materiel Command, USAF, under agreement number F39502-99-1-0512.
 .\"
-.\" $OpenBSD: cron.8,v 1.28 2007/02/18 23:59:03 jmc Exp $
+.\" $OpenBSD: cron.8,v 1.29 2007/03/28 16:49:25 millert Exp $
 .\"
 .Dd July 6, 2002
 .Dt CRON 8
@@ -212,14 +212,11 @@ to check for crontab changes immediately
 .Sh AUTHORS
 .An Paul Vixie Aq vixie@isc.org
 .Sh CAVEATS
-All
 .Xr crontab 5
-files must not be readable or writable by any user other than their owner,
-including
-.Pa /etc/crontab .
-In practice this means they should be mode 0600.
-This restriction is enforced automatically by
-.Xr crontab 1
-but if
+files will be ignored if they do not have the proper file mode.
+For user crontab files created by
+.Xr crontab 1 ,
+the mode must be 0400 or 0600.
+If the system crontab file is used,
 .Pa /etc/crontab
-is used, the mode must be set manually on that file.
+must not be writable by any user other than root.
diff --git a/usr.sbin/cron/database.c b/usr.sbin/cron/database.c
index c14132dfcf3..3a571adc0ec 100644
--- a/usr.sbin/cron/database.c
+++ b/usr.sbin/cron/database.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: database.c,v 1.16 2004/06/22 03:15:33 avsm Exp $ */
+/* $OpenBSD: database.c,v 1.17 2007/03/28 16:49:25 millert Exp $ */
 
 /* Copyright 1988,1990,1993,1994 by Paul Vixie
  * All rights reserved
@@ -22,7 +22,7 @@
  */
 
 #if !defined(lint) && !defined(LINT)
-static char const rcsid[] = "$OpenBSD: database.c,v 1.16 2004/06/22 03:15:33 avsm Exp $";
+static char const rcsid[] = "$OpenBSD: database.c,v 1.17 2007/03/28 16:49:25 millert Exp $";
 #endif
 
 /* vix 26jan87 [RCS has the log]
@@ -209,15 +209,18 @@ process_crontab(const char *uname, const char *fname, const char *tabname,
 		goto next_crontab;
 	}
 	if ((statbuf->st_mode & 07577) != 0400) {
-		log_it(fname, getpid(), "BAD FILE MODE", tabname);
-		goto next_crontab;
+		/* Looser permissions on system crontab. */
+		if (pw != NULL || (statbuf->st_mode & 022) != 0) {
+			log_it(fname, getpid(), "BAD FILE MODE", tabname);
+			goto next_crontab;
+		}
 	}
 	if (statbuf->st_uid != ROOT_UID && (pw == NULL ||
 	    statbuf->st_uid != pw->pw_uid || strcmp(uname, pw->pw_name) != 0)) {
 		log_it(fname, getpid(), "WRONG FILE OWNER", tabname);
 		goto next_crontab;
 	}
-	if (statbuf->st_nlink != 1) {
+	if (pw != NULL && statbuf->st_nlink != 1) {
 		log_it(fname, getpid(), "BAD LINK COUNT", tabname);
 		goto next_crontab;
 	}
-- 
cgit v1.2.3
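Review bot: The relaxation for the system crontab in the third hunk is wider than `/* Looser permissions on system crontab. */` conveys: when pw is NULL any mode passes as long as neither the group nor the world write bit is set, the WRONG FILE OWNER test a few lines down (st_uid must equal ROOT_UID when pw is NULL) is what keeps the file root-owned, and the BAD LINK COUNT test is now skipped for it entirely, so the file's safety rests on those two checks plus the directory it lives in. A reader should not have to derive that from the 022 mask, so I would expand the comment to `/* System crontab (pw == NULL): any mode is accepted provided group and other cannot write; root ownership is enforced below and the link-count check is skipped. */`. The group write bit is rejected regardless of which group owns the file, which is stricter than the new cron.8 wording "must not be writable by any user other than root"; the manual page could say "group- or world-writable" so the two agree. Since the BAD FILE MODE log line now covers two different rules, logging the offending st_mode would make a rejected /etc/crontab easier to diagnose. The rest of process_crontab, including where statbuf is filled in, lies outside the hunk.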