Article 6M8P0 Permission on /etc/crontab should be 600 as per security .

Permission on /etc/crontab should be 600 as per security .

by
ratan61
from LinuxQuestions.org on (#6M8P0)
Hello All ,

I'm perplexed with the way /etc/crontab should be 600 as per security. I need help /suggestion about is it really necessary to set 600 permission on the /etc/crontab where user individually has /var/spool/cron/<username>.
1./etc/crontab has 755 permissions set on the server.
2. User has their own crontab entries and cronjobs are located in /var/spool/cron/<username>.
3./etc/crontab is basically used for system wide crontab entries but since user has already their own cronjobs , does it really require to change the /etc/crontab permissions from 755 to 600 ?
4.Whether it is 755 or 600 , the ownership of the file is root:root and it is system wide cronjob(/etc/crontab) non-root user cannot modify the file (/etc/crontab) but somehow can be exploited with 'X' permission as per security.

Please advise , whether we can set the 600 permission on the /etc/crontab or we can continue with 755 permission.

I have analyzed that the /etc/crontab purposes as mentioned earlier but unable to determine any other impact on changing the permissions on this file.
External Content
Source RSS or Atom Feed
Feed Location https://feeds.feedburner.com/linuxquestions/latest
Feed Title LinuxQuestions.org
Feed Link https://www.linuxquestions.org/questions/
Reply 0 comments