[HPADM] security audit and cron

From: Ted.Fisher@dana.com
Date: Tue Dec 12 2006 - 17:43:13 EST


We have security auditors who are again suggesting that we should have
unix systems configured so that only the root user is allowed to run cron and
at jobs. We are still baffled as to why they feel that usage of cron and
at is evil. They claim that the issue is control of user access, but
cron does not allow the user access to anything they don't already have
access to - only control over when it is run. It appears to us that the
auditors are simply misunderstanding - thinking that the file cron.allow
must be giving new access rights based on the name.

Does anyone know what exactly it is that gets the auditors all in a huff
over cron? Is there some hole that we're not aware of?

We are planning to tell the auditors that we are not planning on changing
all user cron jobs; but I don't want to create a big fuss if there is
anything that might cause a compromise.

Your feedback will be most appreciated.

Thanks.

Ted F. Fisher
(419) 482 - 2042
Dana Corporation
Dana Information Technology
Systems Management Team
Ted.Fisher@dana.com

Any gain at the expense of virtue is no gain
Any loss endured for the sake of virtue is no loss

</PRE>
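
The cron.allow check the message refers to, as an added example that is not part of the original post: the files only decide who may submit crontab jobs, and this sketch evaluates that decision and flags crontabs whose owner the policy no longer permits. The allow/deny precedence shown is the System V style documented in crontab(1) on HP-UX-like systems and is an assumption to confirm against your own man page; the directories are passed in as arguments, and the user names are constructed sample data.

```shell
#!/bin/sh
# Added example. Assumed semantics (confirm against crontab(1) on your system):
#   cron.allow present           -> only users listed in it may use crontab
#   otherwise cron.deny present  -> every user except those listed
#   neither file present         -> root only

# cron_permitted USER CONFDIR: exit status 0 if USER may use crontab.
# grep -Fx matches the whole line literally, so "ora" never matches "oracle".
cron_permitted() {
    if [ -f "$2/cron.allow" ]; then
        grep -Fqx -- "$1" "$2/cron.allow"
    elif [ -f "$2/cron.deny" ]; then
        ! grep -Fqx -- "$1" "$2/cron.deny"
    else
        [ "$1" = root ]
    fi
}

# audit_crontabs SPOOLDIR CONFDIR: one line per crontab file in SPOOLDIR
# (file name = owning user), flagging owners the current policy does not permit.
audit_crontabs() {
    for f in "$1"/*; do
        [ -f "$f" ] || continue
        u=${f##*/}
        if cron_permitted "$u" "$2"; then
            echo "$u permitted"
        else
            echo "$u NOT-PERMITTED"
        fi
    done
}

# Constructed sample data in a scratch directory (hypothetical users).
demo() {
    d=$(mktemp -d) || return 1
    mkdir "$d/conf" "$d/spool"
    printf 'root\noracle\n' > "$d/conf/cron.allow"
    : > "$d/spool/root"; : > "$d/spool/oracle"; : > "$d/spool/jsmith"
    audit_crontabs "$d/spool" "$d/conf"
    rm -rf "$d"
}
demo
```

A crontab reported as NOT-PERMITTED is one that was installed before its owner was removed from the allow list (or added to the deny list), which is the kind of leftover an access review should pick up.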

--
             ---> Please post QUESTIONS and SUMMARIES only!! <---
        To subscribe/unsubscribe to this list, contact majordomo@dutchworks.nl
       Name: hpux-admin@dutchworks.nl     Owner: owner-hpux-admin@dutchworks.nl
 
 Archives:  ftp.dutchworks.nl:/pub/digests/hpux-admin       (FTP, browse only)
            http://www.dutchworks.nl/htbin/hpsysadmin   (Web, browse & search)


This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 11:02:55 EDT