Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Cron security issues?
Top Forums UNIX for Advanced & Expert Users Cron security issues? Post 302639251 by methyl on Friday 11th of May 2012 11:47:16 AM
Old 05-11-2012
We never allow users permissions for cron. This is a quality control and scheduling decision and not a security issue as such. We use "su" from the root cron to execute scripts in the name of the user and have automated scripts to check the cron log and the root mail file for errors.

There was a thread on unix.com recently where a badly-written user cron executed a command which hung. After a while the cron queue limit was exceeded and the system crons stopped running.

I had a trusted contractor who had access to run "at" jobs but not to run "cron" jobs. After he left a process stopped working after a reboot. It turned out (after a lot of detective work) that he was using self-spawning "at" jobs to stop/start the background processes. Ever since then all automated start/stop scripts have been tested from cron at the same time that the code is tested.
 

7 More Discussions You Might Find Interesting

1. Cybersecurity

NFS security issues with lockd and statd

We are trying to implement a NAS solution with UNIX servers and multiple networks, and I've heard that NFS has security issues with lockd and statd. The security issue as it was explained to me is that these services are subject to vulnerabilities/exploits, and that users who connect to Unix... (1 Reply)
Discussion started by: onceagain
1 Replies

2. Shell Programming and Scripting

FTP Cron issues

I am on AS3 Update 4 Linux and am having an issue with an automated ftp script, I tried using the fd/sub proc method and that did not seem to work either. I normally use the following method to perform my ftp's but for some reason it works if I launch the script at the command line but in Cron it... (4 Replies)
Discussion started by: bryanthomas
4 Replies

3. Solaris

cron / crontab issues - solaris 10

I am having some issues with my cronjobs not running in solaris 10. Cron is running: ~> ps -ef | grep cron root 202 1 0 Jul 18 ? 0:01 /usr/sbin/cron bender 1646 1562 0 01:57:49 syscon 0:00 grep cron crontab -l lists the cronjob and I *think* its in the... (8 Replies)
Discussion started by: ippy98
8 Replies

4. Homework & Coursework Questions

Security issues with universal access of file

Use and complete the template provided. The entire template must be completed. If you don't, your post may be deleted! 1. The problem statement, all variables and given/known data: If you look at the permissions associated with a symbolic link, it has universal access. Does this lead to... (0 Replies)
Discussion started by: linux17
0 Replies

5. Shell Programming and Scripting

Bash/cron issues

Hi all, I am trying to run a cronjob to push my files to my git repo once a week and output a prompt to a logfile, my script works fine if I invoke it manually but my cronjob wont run for some reason, I have sourced the file, and restarted my Mac to no avail, right now I believe I have the cronjob... (8 Replies)
Discussion started by: gmenfan83
8 Replies

6. AIX

Cron scripts security

Hello everyone, I have an AIX 6.1 machine and i experienced a problem with my cron scripts. It appears that somebody renamed a cron script so crontab could not execute it. Is there a way to put some security on cron scripts so nobody else except root can rename or delete a cron script? Or they... (6 Replies)
Discussion started by: omonoiatis9
6 Replies

7. UNIX for Dummies Questions & Answers

Db2 command issues with cron

Hi, I have a very simple script that queries from a DB2 table. The script has 3 parts - (i) Sets the db2profile (ii) connects to db2 using credentials (iii) executes the query.This script works fine if i run it manually from the command prompt. However when scheduled in crontab, it proceeds... (2 Replies)
Discussion started by: VeePee
2 Replies

LEARN ABOUT REDHAT

cron

CRON(8) 						      System Manager's Manual							   CRON(8)

NAME

       cron - daemon to execute scheduled commands (Vixie Cron)

SYNOPSIS

       cron

DESCRIPTION

       Cron should be started from /etc/rc or /etc/rc.local.  It will return immediately, so you don't need to start it with '&'.

       Cron searches /var/spool/cron for crontab files which are named after accounts in /etc/passwd; crontabs found are loaded into memory.  Cron
       also searches for /etc/crontab and the files in the /etc/cron.d/ directory, which are in a different format (see  crontab(5)).	Cron  then
       wakes up every minute, examining all stored crontabs, checking each command to see if it should be run in the current minute.  When execut-
       ing commands, any output is mailed to the owner of the crontab (or to the user named in the MAILTO environment variable in the crontab,	if
       such exists).

       Additionally,  cron checks each minute to see if its spool directory's modtime (or the modtime on /etc/crontab) has changed, and if it has,
       cron will then examine the modtime on all crontabs and reload those which have changed.	Thus cron need not be restarted whenever a crontab
       file is modified.  Note that the Crontab(1) command updates the modtime of the spool directory whenever it changes a crontab.

SEE ALSO

       crontab(1), crontab(5)

AUTHOR

       Paul Vixie <paul@vix.com>

4th Berkeley Distribution					 20 December 1993							   CRON(8)
All times are GMT -4. The time now is 07:27 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy