In my opinion none of these permission changes make any sense for installations that aren't guided by some mostly much more strict requirements than those for the Fedora workstations or other general installations of Fedora. They simply should not be applied.
Removing the setuid bit from the crontab command is simply wrong as it breaks crontab for regular users. I do not even know why the /var/spool/anacron/cron.* permissions on the ghost files should be set to executable by owner - there is no point doing that as that makes the permissions more allowing than they currently are. And making /etc/cron.d and /etc/cron.hourly unreadable to anybody else than root will break the possibility to examine what would be the next job run by the cronnext command. -- _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
