[security] at.deny exists
Bug #151611 reported by
John Moser
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| at (Ubuntu) |
Won't Fix
|
Undecided
|
Kees Cook | ||
Bug Description
Binary package hint: at
By default, the /etc/at.deny file exists. No cron.{allow,deny} files exist, nor at.allow
If only the superuser needs access to create cron jobs for a standard Ubuntu install, at.deny should not exist. Rename the file to /usr/share/
If any other users need access for a functional Ubuntu install, create an /etc/at.allow file and populate it with those users which need access. With at.allow, at ignores any at.deny file and simply denies access to all users not mentioned in at.allow
Revision history for this message
| Colin Watson (cjwatson) wrote | #1 |
Revision history for this message
| Kees Cook (kees) wrote | #2 |
| Changed in at: | |
| assignee: | nobody → keescook |
| status: | New → Won't Fix |
To post a comment you must log in.
I don't see how this is a problem. at.deny disallows system users that should never need to use at from doing so. I think it is correct for normal users to be able to use at; after all they could do the same without at. There is no call to disable convenient facilities in the name of non-existent "security" gains.