Group readable cron jobs a security risk?

Posted by Ibrahim on Server Fault See other posts from Server Fault or by Ibrahim
Published on 2010-03-22T07:23:44Z Indexed on 2010/03/22 7:31 UTC
Read the original article Hit count: 493

Filed under:

security

|

cron

|

permissions

Hi,

I was just wondering, is using a cron job that is group readable a security risk? In this case, the script is chmod 755, and the group is basically a group of the sysadmins on the machine. The permissions seem to be fine, but I'm just wondering whether it's a bad idea to keep this script in a group or world readable place because it's a backup script that needs to be run as root. Thanks!

© Server Fault or respective owner

Related posts about security

sudo apt-get update errors

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
Here is what I get on my terminal when running sudo apt-get update errors. I dont know if the issue is from my sources.list or my proxy setup(have not made any changes to proxies). Thank you for any help in advanced. Ign http://security.ubuntu.com oneiric-security Release.gpg Ign http://security… >>> More
The Security-Developer Gap: Why IT Security Can't Fix Your Security Problems Alone

as seen on Devx - Search for 'Devx'
Two well-known white hats explain how hackers take advantage of security holes left by enterprise application developers. >>> More
The Security-Developer Gap: Why IT Security Can't Fix Your Security Problems Alone

as seen on Internet.com - Search for 'Internet.com'
Two well-known white hats explain how hackers take advantage of security holes left by enterprise application developers. >>> More
StackOverFlowError while creating Mac object on AS400/Java

as seen on Stack Overflow - Search for 'Stack Overflow'
Hello all, I am a newbie to AS400-Java programming. I am trying to create my first program to test the implementation of Message Authentication Code (MAC). I am trying to use the HMACSHA1 hash function. My (Java 1.4) program runs fine on a dev box (V5R4).But fails terribly on the QA box (V5R3). My… >>> More
Google App Engine - Spring Security Issue (java.security.AccessControlException)

as seen on Stack Overflow - Search for 'Stack Overflow'
I'm currently getting the AccessControlException below when I deploy to app engine (I don't see it when I run in my local environment). I'm using GAE 1.3.1, Spring 3.0.1, and Spring Security 3.0.2. Any ideas how to get around this issue? It appears to be an issue with Spring Security trying to get… >>> More

Related posts about cron

any clue in these logs why keyboard audio and internet are messed up

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
Jun 7 00:01:18 Isis lightdm: pam_unix(lightdm-autologin:session): session opened for user mimi by (uid=0) Jun 7 00:01:18 Isis lightdm: pam_ck_connector(lightdm-autologin:session): nox11 mode, ignoring PAM_TTY :0 Jun 7 00:01:26 Isis polkitd(authority=local): Registered Authentication Agent for… >>> More
cron.daily not running at the time it should?

as seen on Server Fault - Search for 'Server Fault'
My /etc/cron.daily scripts seem to be executing far later from what I understand they should. I am in Ubuntu and anacron is installed. If I do a sudo cat /var/log/syslog | grep cron I get something like: Aug 23 01:17:01 mymachine CRON[25171]: (root) CMD ( cd / && run-parts --report /etc/cron… >>> More
mdadm cron job sends email that cron has run

as seen on Server Fault - Search for 'Server Fault'
I've got an Ubuntu 8.04 server using mdadm to create several RAID1 arrays. I created /etc/cron.hourly/mdadm as follows: #! /bin/sh set -e mdadm --monitor /dev/md0 /dev/md3 /dev/md4 --oneshot (Yes, the array numbers are not sequential, and I'm not using --scan beacuse I have a degraded array that… >>> More
Cron Tips for not running cron jobs on holidays (the monday of a three day weekend)

as seen on Super User - Search for 'Super User'
We have about a one hundred machine set-up with each machine running cron jobs like starting and stopping services and archiving these services' log files at the end of the day to a centralized repository. One headache we have is the three-day weekend (we're closed on holidays). We don't want the… >>> More
cron doesn't execute it's commands

as seen on Server Fault - Search for 'Server Fault'
I created an own small server with Debian. Last night i updated it. It created an error while generating the initrd and it didn't boot. Today i booted from another filesystem and did dpkg --configure -a with chroot. I also checked the filesystem. Now everything should be ok. But cron doesn't work:-(… >>> More