Misinterpretation of LUID was Re: SCO License security - another flame
j chapman flack
chap at art-sy.detroit.mi.us
Sat May 25 01:52:33 AEST 1991
In article <1174 at pemcom.pem-stuttgart.de> ralfi at pemcom.pem-stuttgart.de (Ralf U. Holighaus) writes:
>
>Ever heard of the crontab command? That correctly updates the cron tables
>in the /usr/spool/cron/crontabs directory WITHOUT problems. Thats the clean
>way. Not the quick'n dirty one.
Try su'ing to the ID of a pseudo-user and using crontab to update that user's
cron table. You can't do it. "You must run crontab under your login UID."
A pseudo-user is, by definition, an account that no human ever logs directly
into. To do something as a pseudo-user, a person has to log into an
individual account and su to the pseudo-user, which leaves an audit trail.
This is correct and sensible.
Because crontab is broken, an individual who wants to update a pseudo-user's
cron table must actually log in as that pseudo-user (there goes accountability)
or manually replace the cron table. In the second case, the revisions will
not take effect until cron restarts at the next reboot, because crontab is
what signals cron to reread the table, and the user couldn't run it.
And no, running crontab on the user's own table will not tell cron to reread
all of the tables.
o=
The maddening thing is that the feature that breaks crontab, and is clearly
counter to the design of the LUID and pseudo-user concepts, is something that
was consciously added (i.e. and act of commission, not of omission) by someone
unclear on the concept.
-=
--
Chap Flack Their tanks will rust. Our songs will last.
chap at art-sy.detroit.mi.us -MIKHS 0EODWPAKHS
Nothing I say represents Appropriate Roles for Technology unless I say it does.
More information about the Comp.unix.sysv386
mailing list