diff options
author | ulfvonbelow <striness@tilde.club> | 2023-02-02 19:29:47 +0000 |
---|---|---|
committer | Dale Mellor <mcron-lsfnyl@rdmp.org> | 2023-03-18 14:00:26 +0000 |
commit | 9211d46225bbf7640e4c7f3e6053d89c205cbf60 (patch) | |
tree | f8473f33dac6ba3ab3aed847b62f49219599fe10 /src/crontab.c | |
parent | cbce8eb293321aef12d153abce31cc3c6ab14f95 (diff) | |
download | mcron-9211d46225bbf7640e4c7f3e6053d89c205cbf60.tar.gz mcron-9211d46225bbf7640e4c7f3e6053d89c205cbf60.tar.bz2 mcron-9211d46225bbf7640e4c7f3e6053d89c205cbf60.zip |
Make vixie cron mode actually work, and work safely
I suspect nobody has used the legacy cron mode in a long time, possibly
ever. If you look at the changes I've made, you'll probably see why I suspect
this. I happen to have tried to use it so that one of my users could use the
format he was familiar with, and ended up making a lot of necessary fixes -
some just to make it work, but many to achieve the most basic of security
requirements.
If anyone has mcron's crontab script installed setuid-root and is on a system
that respects the setuid bit of scripts, or has manually created a setuid
wrapper around the crontab script, they should apply these patches
ASAP.
ulfvonbelow (5):
cron: use signal numbers instead of symbols.
Makefile.am: don't install cron as setuid.
config.scm.in: rename to config.scm.in.in, substitute from Makefile.
crontab: split into crontab and setuid helper crontab-access.
crontab-access: replace with wrapper, rename to crontab-access-real.
Makefile.am | 53 +++-
configure.ac | 10 +-
src/crontab-access-real.in | 45 ++++
src/crontab-access.c.in | 10 +
src/mcron/{config.scm.in => config.scm.in.in} | 1 +
src/mcron/scripts/cron.scm | 2 +-
src/mcron/scripts/crontab-access.scm | 121 +++++++++
src/mcron/scripts/crontab.scm | 255 ++++++++----------
8 files changed, 338 insertions(+), 159 deletions(-)
create mode 100644 src/crontab-access-real.in
create mode 100644 src/crontab-access.c.in
rename src/mcron/{config.scm.in => config.scm.in.in} (97%)
create mode 100644 src/mcron/scripts/crontab-access.scm
--
2.38.1
Diffstat (limited to 'src/crontab.c')
0 files changed, 0 insertions, 0 deletions