Return to BSD News archive
Path: sserve!newshost.anu.edu.au!munnari.oz.au!constellation!aardvark.ucs.uoknor.edu!ns1.nodak.edu!netnews.nwnet.net!ogicse!emory!europa.eng.gtefsd.com! darwin.sura.net!haven.umd.edu!uunet!mcsun!sun4nl!hacktic!not-for-mail Newsgroups: comp.os.386bsd.bugs Subject: cron again Message-ID: <20b36bINNo06@xs4all.hacktic.nl> From: cor@hacktic.nl (Cor) Date: 24 Jun 93 06:22:53 GMT Organization: Hack-Tic, networking for the masses Article-I.D.: xs4all.20b36bINNo06 NNTP-Posting-Host: xs4all.hacktic.nl Lines: 15 Recently someone posted a bug in cron. That was fixed. The NEW cron has a bug thats just as bad and trivial. My friend who noticed it first has emailed vixie about this. If you use cron regularly on an open system id suggest removing the suid bit or whatever you think necessary. It may even be better using the old cron. We made a small patch that solved its security hole. The new bug was only present in the new code, so the old code doesnt suffer from it. Also..remove the sbit from rdist. (unless you REaLLY need it, but I doubt you do :) cor -- | cor@hacktic.nl | Hack-Tic System Management | +31-20-6001480-3 (VMB) | | -------------------------------------------------------------------------| | ######### Signature Virus Running. Contamination Complete ######### | +--------------------------------------------------------------------------+