>I just tried running the "cops" security checker program here on my site.
>It came out with the following "Success" file:
>Warning! uids OTHER replace /usr/spool/cron/crontabs create supershell
> DO ANYTHING
>Warning! uids OTHER write /usr/spool/cron replace crontabs create
> supershell DO ANYTHING
>What does this mean? Is it dangerous, and what would I do to correct it?

It means anyone ("OTHER") can replace a crontab file and have their
commands run. The worst case, of course, is replacing root's crontab and
having commands run by root. It's a permissions problem. This is what the
permissions look like on my system:

    longshot /usr/spool # ls -lR cron
    total 2
    drwxr-xr-x 2 root root 1024 Dec 28 17:35 crontabs
    -rw------- 2 root root 161 Jan 22 01:43 log

    cron/crontabs:
    total 2
    -rw------- 1 root root 616 Dec 28 17:35 news
    -rw------- 1 root root 898 Dec 20 10:43 root
    longshot /usr/spool # ls -ld .
    drwxr-xr-x 10 root root 1024 Apr 8 17:02 .

I had the same problem the first time I ran COPS on my SLS system.
SLS had rotten security when I installed it (has this been fixed?). There
were many other permissions problems with bin directories and such.
--
Kyle Hasselbacher | What sane person could live in this world and not be crazy?
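
The kind of check behind those warnings, as an added example that is not part of the original post and is not COPS code: it reports anything the "other" class can write in the crontab directory and in each parent directory above it. The names `audit_cron_spool` and `demo`, the optional stop-directory argument and the temporary tree are assumptions made for illustration.

```sh
#!/bin/sh
# Added example, not COPS code. Reports what the "other" class can write in a
# cron spool directory and in each parent directory up to STOP (default /).
# Exit status: 0 = nothing found, 1 = findings printed, 2 = cannot access.
audit_cron_spool() {
    dir=$(cd "$1" >/dev/null 2>&1 && pwd -P) || {
        echo "cannot access: $1" >&2
        return 2
    }
    stop=$(cd "${2:-/}" >/dev/null 2>&1 && pwd -P) || stop=/
    hits=$(
        # The spool directory and the crontab files in it. Symlinks are
        # skipped because their own mode bits are not enforced.
        find "$dir" ! -type l -perm -0002 -print 2>/dev/null
        # A writable parent lets someone rename the directory below it and
        # put their own in its place, so check every ancestor as well.
        p=$dir
        while [ "$p" != "$stop" ] && [ "$p" != "/" ]; do
            p=$(dirname "$p")
            find "$p" -prune -perm -0002 -print 2>/dev/null
        done
    )
    if [ -z "$hits" ]; then
        return 0
    fi
    printf '%s\n' "$hits" | sed 's/^/WARN other can write: /'
    return 1
}

# Constructed tree (not a real system) with the fault COPS reported above:
# the "cron" directory is world-writable, the crontabs below it are not.
demo() {
    demo_t=$(mktemp -d) || return 2
    mkdir -p "$demo_t/cron/crontabs"
    : > "$demo_t/cron/crontabs/root"
    chmod 755 "$demo_t" "$demo_t/cron/crontabs"
    chmod 600 "$demo_t/cron/crontabs/root"
    chmod 777 "$demo_t/cron"
    demo_rc=0
    audit_cron_spool "$demo_t/cron/crontabs" "$demo_t" || demo_rc=$?
    rm -rf "$demo_t"
    return "$demo_rc"
}

demo || echo "demo exit status: $?"
```

On the layout shown in the post the call would be `audit_cron_spool /usr/spool/cron/crontabs`, which prints nothing and returns 0 when the modes match the listing above.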