Re: Editor Priorities
* Steve Greenland
| As far as it being crontab only, it shouldn't be. It should be for any
| program that creates a file in /tmp, allows the root user to edit it,
| and then reads the result. A program that allows inode on that file to
| change is just asking for trouble (yes, I suppose there are other ways
| to ensure security, but that's the easiest one).
Why?
set -e
DIR="/tmp/foo$PID$RANDOM"
mkdir "$DIR"
cd "$DIR"
cp /var/spool/cron/crontabs/$USER crontab
editor crontab
chown 0:0 crontab
syncheck crontab
cp crontab /var/spool/cron/crontabs/$USER
rm -rf "$DIR"
--
Tollef Fog Heen ,''`.
UNIX is user friendly, it's just picky about who its friends are : :' :
`. `'
`-
--
To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: