On 12/10/2014 10:01 AM, Alexandre Detiste wrote:
control: tags -1 fixed-upstream
Hi,
I'm still working on this last major bug of systemd-cron.
I came up with this setuid helper, that is called by crontab when needed:
https://github.com/systemd-cron/systemd-cron/blob/setuid/src/bin/crontab_setuid.c
I avoided the most obvious pitfalls: string format attacks,
tmp files/symlinks attacks (it uses stdin/stdout to pass crontab data);
and I made it as bare as possible.
Please review it
Alexandre
--
systemd-cron postinst script needs to do this too:
chown root:root /var/spool/cron/crontabs
chmod 770 /var/spool/cron/crontabs
Please forget about my comment about switching ids, not enough coffee
today :(
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
