Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 2 > Tips/Tricks/Mods

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 16th October 2008, 09:31
radim_h radim_h is offline
Senior Member
 
Join Date: Jan 2007
Location: Prague, Czech
Posts: 419
Thanks: 33
Thanked 24 Times in 19 Posts
Send a message via ICQ to radim_h
Default Security of user crontabs

Hello guys,

i have question regarding new crontabs in ispconfig..

1. is it running under user account or root account?
I'm just imaging someone created record in crontab like
rm -rf / What will happen then?

Generally is it big risk to allow users crontabs?

2. is it possible to restrict contabs just to certain type of scripts eg. .php scripts?
Reply With Quote
Sponsored Links
  #2  
Old 16th October 2008, 09:35
sjau sjau is offline
Local Meanie
 
Join Date: Apr 2006
Location: Switzerland
Posts: 1,145
Thanks: 4
Thanked 55 Times in 51 Posts
Default

I tend to say user crontabs run under the user and not root. It would just be too risky otherwise.
__________________
"Common sense is not as common as commonly believed" by sjau

Auto-Install Script for ISPConfig and Horde on a Vanilla Debian Stable

Need more Repos for Ubuntu? Repository Generator
Need more Repos for Debian? Debian Repository Generator
Reply With Quote
  #3  
Old 16th October 2008, 12:37
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,717
Thanks: 820
Thanked 5,322 Times in 4,175 Posts
 
Default

Quote:
1. is it running under user account or root account?
I'm just imaging someone created record in crontab like
rm -rf / What will happen then?

Generally is it big risk to allow users crontabs?
The scripts are run under the priviliges of the user and not as root.


Quote:
2. is it possible to restrict contabs just to certain type of scripts eg. .php scripts?
No. And this would not be much help security wise as a user would be able to run exec('rm -rf /'); inside the php script.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Statistic not working mzo Installation/Configuration 49 20th April 2011 12:19
freebsd 7, samba 3, domain controller alexdimarco Suggest HOWTO 6 5th November 2010 16:54
Anything I can do against illegal login-requests? schmidtedv Installation/Configuration 17 7th November 2008 09:25
Ruby / FastCGI Problem Chad Server Operation 1 8th March 2008 20:38
log files cruz Technical 3 15th May 2007 14:35


All times are GMT +2. The time now is 20:09.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.