crontab security question
If I understand the problem with commands like
find /tmp -mtime +1 -print | xargs rm -f
correctly, it requires write access to exploit to the directory
to exploit. Thus, the following entry in cron.daily/standard
is acceptable and I should leave it in, right?
if cd /var/spool/cron/crontabs
then
find . -name 'tmp.[0-9]*' -mtime +2 -print0 | xargs -r0 rm -f --
fi
Or is there another problem I'm missing?
Steve Greenland
--
The Mole - I think, therefore I scream
"We call it SHADOWNET! Pretty cool, eh?"
[A delinquent hacker talks to the Shadow]
Reply to: