Hello guys,

i have question regarding new crontabs in ispconfig..

1. is it running under user account or root account?
I'm just imaging someone created record in crontab like
rm -rf / What will happen then?

Generally is it big risk to allow users crontabs?

2. is it possible to restrict contabs just to certain type of scripts eg. .php scripts?

I tend to say user crontabs run under the user and not root. It would just be too risky otherwise.

1. is it running under user account or root account?
I'm just imaging someone created record in crontab like
rm -rf / What will happen then?

Generally is it big risk to allow users crontabs?

The scripts are run under the priviliges of the user and not as root.


2. is it possible to restrict contabs just to certain type of scripts eg. .php scripts?

No. And this would not be much help security wise as a user would be able to run exec('rm -rf /'); inside the php script.