Cronjob
Forum
  1. Forums
  2. CloudLinux and Control Panels
  3. CloudLinux and DirectAdmin
  1. HOST321
  2. 15.04.2012
  3.  Subscribe via email
cronjob
Rate this post:
  1. 15.04.2012 05:04:00
  2. # 1
HOST321 Accepted Answer
Posts: 4
Joined: 16.02.2012
0
Votes
Undo
Hello,

i have some problem, in our server with cronjob users can do some commands like: \"cat /etc/password\" or \"ls / > file.txt\".

Question:

How can i disable all cronjob functions for users except lynx ?
  1. 15.04.2012 20:04:14
  2. # 2
Igor Seletskiy Accepted Answer
Posts: 1194
Joined: 09.02.2010
0
Votes
Undo
Better yet -- deploy cagefs, and customer will not be able to gain any sensitive information, even though those commands will work.
  1. 01.05.2012 13:05:44
  2. # 3
HOST321 Accepted Answer
Posts: 4
Joined: 16.02.2012
0
Votes
Undo
Igor Seletskiy wrote:
Better yet -- deploy cagefs, and customer will not be able to gain any sensitive information, even though those commands will work.


Hello,

I installed cagefs, enable it for all users, BUT.....anyway the same problem. I can put cronjob with command like:

cat /etc/passwd > /home/user/file

and i will get all information from passwd file...
  1. 01.05.2012 13:05:11
  2. # 4
Igor Seletskiy Accepted Answer
Posts: 1194
Joined: 09.02.2010
0
Votes
Undo
Have you checked content of the file? The file should have only system users and the user for which cron job is executed.
It shouldn\'t have any other end users.
  • Page :
  • 1


There are no replies made for this post yet.
Be one of the first to reply to this post!
Guest
Submit Your Response
Upload files or images for this discussion by clicking on the upload button below. Supports gif,jpg,png,zip,rar,pdf
• Insert • Remove Upload Files (Maximum File Size: 2 MB)
Captcha
To protect the site from bots and unauthorized scripts, we require that you enter the captcha codes below before posting your question.