bastille sets incorrect permissions on cron.allow
Bug #55741 reported by
Sergei Genchev
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
bastille (Ubuntu) |
Expired
|
Medium
|
Unassigned |
Bug Description
Binary package hint: bastille
When you run bastille on Dapper and answer "Yes" (default) to "Would you like to restrict the use of cron to administrative accounts? ", Bastille creates /etc/cron.allow file with wrong permissions - it is owned by root:root mode 600. crontab executable in Dapper is set gid crontab and cannot read this file which makes it behave as if this file was not there at all.
I am not sure if this should be marked as a security bug or not - does not seem like a huge deal, yet bastille is supposedly "security made easy" thing and should really do what it promises..
Changed in bastille: | |
importance: | Low → Medium |
status: | Incomplete → Triaged |
To post a comment you must log in.
Thank you for taking the time to report this bug and helping to make Ubuntu better. You reported this bug a while ago and there hasn't been any activity in it recently. We were wondering is this still an issue for you? Thanks in advance.