Bug 250685

Summary: Crontab security vulnerabilty - please set bits: sudo chmod 600 /etc/crontab
Product: Ports & Packages Reporter: vimanuelt
Component: Individual Port(s)Assignee: vimanuelt
Status: Closed Not Enough Information    
Severity: Affects Many People CC: asomers, delphij, pi, secteam, tatsuki_makino
Priority: ---    
Version: Latest   
Hardware: Any   
OS: Any   

Description vimanuelt 2020-10-28 09:11:53 UTC 
[Crontab security vulnerability]

To improve security, please set bits on /etc/crontab directory as follows:

sudo chmod 600 /etc/crontab
Comment 1 Tatsuki Makino 2020-10-28 23:07:26 UTC 
A more reliable solution :)

pkg delete -f sudo

Don't install something like that and call it vulnerable :)
Comment 2 Kurt Jaeger freebsd_committer freebsd_triage 2020-10-29 18:56:15 UTC 
(In reply to vimanuelt from comment #0)
How can the current permission be exploited ?
Comment 3 Xin LI freebsd_committer freebsd_triage 2020-11-01 02:36:12 UTC 
Feedback requested.
Comment 4 Xin LI freebsd_committer freebsd_triage 2020-11-01 02:36:26 UTC 
*** Bug 250686 has been marked as a duplicate of this bug. ***
Comment 5 Alan Somers freebsd_committer freebsd_triage 2022-01-25 21:43:07 UTC 
Closing for lack of feedback.