Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Cron Logs File Permissions
Special Forums Cybersecurity Cron Logs File Permissions Post 302949752 by MKH on Wednesday 15th of July 2015 03:08:29 PM
Old 07-15-2015
Cron Logs File Permissions
Are there any security risks in having cron logs readable by all (644)?
We have scheduled some jobs and have issues we want to investigate, but this is justification provided in rejecting our request:
"Cron log will have only read permission for root, we cannot change the permission to make others to read. "
In every *nix environment I have worked, the cron logs have been readable by all.

Is there any valid reason to justify their practice?
 

10 More Discussions You Might Find Interesting

1. AIX

AIX and cron logs filtering ?: /etc/cronlog.conf, /var/adm/cron/log

Hi, I can use 'crontabs –e' and do all the scheduling I like. However I would like to auto send myself just the cronjobs logs that fail. That is to say the PIDs that fail and the related lines with those PID’s only. (Not the full set of logs) Has anyone done this work? Or does an AIX 5.3 tool... (0 Replies)
Discussion started by: Keith Johnson
0 Replies

2. HP-UX

To give the "unzip" permissions & "create" file permissions

Hi, I am a Unix Admin. I have to give the permissions to a user for creating new file in a directory in HP-Ux 11.11 system since he cannot able to create a new file in the directory. Thanks in advance. Mike (3 Replies)
Discussion started by: Mike1234
3 Replies

3. Shell Programming and Scripting

Grep yesterday logs from weblogic logs

Hi, I am trying to write a script which would go search and get the info from the logs based on yesterday timestamp and write yesterday logs in new file. The log file format is as follows: """"""""""""""""""""""""""... (3 Replies)
Discussion started by: harish.parker
3 Replies

4. Shell Programming and Scripting

Retain file permissions when saving .sh file from internet [OS X]

Hello. I have written a bash script that I am sharing with an OS X community I am a member of. The purpose of the script is to execute a series of commands for members without them having to get involved with Terminal, as it can be daunting for those with no experience of it at all. I have renamed... (4 Replies)
Discussion started by: baza210
4 Replies

5. UNIX for Dummies Questions & Answers

File Permissions conflict with Cron

Our site has a page that creates a jpeg graph everytime you load it. I have written a very simple cron job (rm *.jpeg) to delete the graphs once a day. This doesn't happen because the jpegs are owned by nobody:nobody and are write protected. When I do the job manually I am always asked 'are... (3 Replies)
Discussion started by: RexJacobus
3 Replies

6. Shell Programming and Scripting

ksh; Change file permissions, update file, change permissions back?

Hi, I am creating a ksh script to search for a string of text inside files within a directory tree. Some of these file are going to be read/execute only. I know to use chmod to change the permissions of the file, but I want to preserve the original permissions after writing to the file. How can I... (3 Replies)
Discussion started by: right_coaster
3 Replies

7. Shell Programming and Scripting

Setting default permissions without umask or cron jobs

I've got a number of people sending files to me in different directory structures, and users on many different groups who need access to these incoming paths. My problem is that umask assumes a default of 666 for files. No execute bit, meaning that my users can't even see the incoming folders.... (2 Replies)
Discussion started by: Karunamon
2 Replies

8. Shell Programming and Scripting

Changing file permissions of a file created by another user

Hi, I have used expdp for datapump. The .dmp file is created by the "oracle" user. my requirement is to make a zipped file of this .dmp file. What i am trying to do is change the permissions of this .dmp file from 0640 to 0644 and then do a gzip and zip it. Is there any way i can change... (3 Replies)
Discussion started by: qwertyu
3 Replies

9. Shell Programming and Scripting

How to disable cron emails, but only for logrotate only not for other logs?

Guys, is there a script or command? how to disable cron emails, but only for logrotate only not for other logs (3 Replies)
Discussion started by: kenshinhimura
3 Replies

10. Shell Programming and Scripting

If I ran perl script again,old logs should move with today date and new logs should generate.

Appreciate help for the below issue. Im using below code.....I dont want to attach the logs when I ran the perl twice...I just want to take backup with today date and generate new logs...What I need to do for the below scirpt.............. 1)if logs exist it should move the logs with extention... (1 Reply)
Discussion started by: Sanjeev G
1 Replies

LEARN ABOUT SUSE

cron

CRON(8) 						      System Manager's Manual							   CRON(8)

NAME

       cron - daemon to execute scheduled commands (ISC Cron V4.1)

SYNOPSIS

       cron [-l load_avg] [-n]

DESCRIPTION

       Cron  should  be started from /etc/rc or /etc/rc.local.	It will return immediately, so you don't need to start it with '&'.  The -n option
       changes this default behavior causing it to run in the foreground.  This can be useful when starting it out of init.

       Cron searches /var/spool/cron for crontab files which are named after accounts in /etc/passwd; crontabs found are loaded into memory.  Cron
       also  searches  for  /etc/crontab  and the files in the /etc/cron.d directory, which are in a different format (see crontab(5)).  Cron then
       wakes up every minute, examining all stored crontabs, checking each command to see if it should be run in the current minute.  When execut-
       ing  commands, any output is mailed to the owner of the crontab (or to the user named in the MAILTO environment variable in the crontab, if
       such exists).

       Additionally, cron checks each minute to see if its spool directory's modtime (or the modtime on /etc/crontab) has changed, and if it  has,
       cron will then examine the modtime on all crontabs and reload those which have changed.	Thus cron need not be restarted whenever a crontab
       file is modified.  Note that the Crontab(1) command updates the modtime of the spool directory whenever it changes a crontab.

   Daylight Saving Time and other time changes
       Local time changes of less than three hours, such as those caused by the start or end of Daylight Saving Time, are handled specially.  This
       only  applies  to jobs that run at a specific time and jobs that are run with a granularity greater than one hour.  Jobs that run more fre-
       quently are scheduled normally.

       If time has moved forward, those jobs that would have run in the interval that has been skipped will be run  immediately.   Conversely,	if
       time has moved backward, care is taken to avoid running jobs twice.

       Time changes of more than 3 hours are considered to be corrections to the clock or timezone, and the new time is used immediately.

   PAM Access Control
       On  SUSE  LINUX	systems,  crond  now  supports	access	control with PAM - see pam(8).	A PAM configuration file for crond is installed in
       /etc/pam.d/crond .  crond loads the PAM environment from the pam_env module, but these can be overriden by settings in the crontab file.

SIGNALS

       On receipt of a SIGHUP, the cron daemon will close and reopen its log file.  This is useful in scripts which  rotate  and  age  log  files.
       Naturally this is not relevant if cron was built to use syslog(3).

CAVEATS

       In this version of cron, /etc/crontab must not be writable by any user other than root.	No crontab files may be links, or linked to by any
       other file.  No crontab files may be executable, or be writable by any user other than their owner.

SEE ALSO

       crontab(1), crontab(5), pam(8)

AUTHOR

       Paul Vixie <vixie@isc.org>

4th Berkeley Distribution					 10 January 1996"							   CRON(8)
All times are GMT -4. The time now is 02:21 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy