Permission on /etc/crontab should be 600 as per security .
by ratan61 from LinuxQuestions.org on (#6M8P0)
Hello All ,
I'm perplexed with the way /etc/crontab should be 600 as per security. I need help /suggestion about is it really necessary to set 600 permission on the /etc/crontab where user individually has /var/spool/cron/<username>.
1./etc/crontab has 755 permissions set on the server.
2. User has their own crontab entries and cronjobs are located in /var/spool/cron/<username>.
3./etc/crontab is basically used for system wide crontab entries but since user has already their own cronjobs , does it really require to change the /etc/crontab permissions from 755 to 600 ?
4.Whether it is 755 or 600 , the ownership of the file is root:root and it is system wide cronjob(/etc/crontab) non-root user cannot modify the file (/etc/crontab) but somehow can be exploited with 'X' permission as per security.
Please advise , whether we can set the 600 permission on the /etc/crontab or we can continue with 755 permission.
I have analyzed that the /etc/crontab purposes as mentioned earlier but unable to determine any other impact on changing the permissions on this file.
I'm perplexed with the way /etc/crontab should be 600 as per security. I need help /suggestion about is it really necessary to set 600 permission on the /etc/crontab where user individually has /var/spool/cron/<username>.
1./etc/crontab has 755 permissions set on the server.
2. User has their own crontab entries and cronjobs are located in /var/spool/cron/<username>.
3./etc/crontab is basically used for system wide crontab entries but since user has already their own cronjobs , does it really require to change the /etc/crontab permissions from 755 to 600 ?
4.Whether it is 755 or 600 , the ownership of the file is root:root and it is system wide cronjob(/etc/crontab) non-root user cannot modify the file (/etc/crontab) but somehow can be exploited with 'X' permission as per security.
Please advise , whether we can set the 600 permission on the /etc/crontab or we can continue with 755 permission.
I have analyzed that the /etc/crontab purposes as mentioned earlier but unable to determine any other impact on changing the permissions on this file.