[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: crontab and editors (was Re: Editor Priorities)



On Sun, May 12, 2002 at 03:04:01PM -0500, Steve Greenland wrote:
> 		if (mkdir(Directory, 0700)==0) {
> 	        if (chown(Directory, getuid(), getgid()) < 0) {
>                 perror(Directory);
>                 goto fatal;
>             }
> 			break;
>         }
> 
> That seems correct, and works as expected, but I wanted to check and
> make sure I've not missed something unsafe.

You've completely missed the point of the patch. :) The goal is to allow
the user to edit the crontab file but not to turn it into a symlink or
somesuch. By creating a directory and then chowing it so that the user
can create & remove the files in it, you've lost all the point of
creating the directory in the first place. Try mkdir with permission
mask 0711. 

-- 
Mike Stone

Attachment: pgpSl22QwQqVk.pgp
Description: PGP signature


Reply to: