[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: crontab and editors (was Re: Editor Priorities)

On 09-May-02, 03:23 (CDT), Manoj Srivastava <srivasta@debian.org> wrote: 
>  Steve> How is this broken - Other than in the presence of editors that do
>  Steve> backups incorrectly. :-)
> 	The assumption that the inode has not changed is the breakage.
>  I should have read the whole thread before posting (I thought there
>  was a tmp race y'all were talking about), but this is still a problem...

It's not an assumption, it's a deliberate design choice by Paul Vixie,
explicitly commented as such in the code, particularly to *avoid* the
tmp race issue. 

Look, it would make my life easier if it worked by re-opening the file,
which should work with any editor. But someone competent in security
issues needs to submit a patch to be audited by others in security
issues before I'll make such a change. Items to consider:

1. crontab is suid (has to be, to read/write /var/spool/cron/crontabs).

2. crontab -u otheruser (usuable by root, only).

3. closing and reopening the file in any user-writable space is
unnacceptable, for obvious reasons.


Steve Greenland

To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to: