[Midnightbsd-cvs] CVS Commit: crontab.c: The format of /etc/crontab is different.
laffer1 at midnightbsd.org
laffer1 at midnightbsd.org
Sat Aug 18 02:50:52 EDT 2007
Log Message:
-----------
The format of /etc/crontab is different. (who field)
Don't allow silly people to use /etc/crontab by adding some anti foot shooting.
Obtained from FreeBSD rev 1.23 + 1.24
Modified Files:
--------------
src/usr.sbin/cron/crontab:
crontab.c (r1.1.1.1 -> r1.2)
-------------- next part --------------
Index: crontab.c
===================================================================
RCS file: /home/cvs/src/usr.sbin/cron/crontab/crontab.c,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -Lusr.sbin/cron/crontab/crontab.c -Lusr.sbin/cron/crontab/crontab.c -u -r1.1.1.1 -r1.2
--- usr.sbin/cron/crontab/crontab.c
+++ usr.sbin/cron/crontab/crontab.c
@@ -134,6 +134,7 @@
char *argv[];
{
int argch;
+ char resolved_path[PATH_MAX];
if (!(pw = getpwuid(getuid())))
errx(ERROR_EXIT, "your UID isn't in the passwd file, bailing out");
@@ -200,6 +201,9 @@
*/
if (!strcmp(Filename, "-")) {
NewCrontab = stdin;
+ } else if (realpath(Filename, resolved_path) != NULL &&
+ !strcmp(resolved_path, SYSCRONTAB)) {
+ err(ERROR_EXIT, SYSCRONTAB " must be edited manually");
} else {
/* relinquish the setuid status of the binary during
* the open, lest nonroot users read files they should
More information about the Midnightbsd-cvs
mailing list