Security guideline - permissions of /etc/cron.allow set to 600 [on hold]

The security guideline that my company follows (CIS Ubuntu 14.04 LTS Server Benchmark) states that users should be explicitly added to /etc/cron.allow and that the file should have permissions set to 600 (9.1.8 Restrict at/cron to Authorized Users (Scored) - pages 109-110).

Having the /etc/cron.allow permissions set to 600 leads to a phenomenon described in my other question: when a user is not on the allow list, he can still use crontab, but root cannot list/edit that user's crontab. Only with permissions set to 644 is the user himself unable to use crontab if he's not listed in /etc/cron.allow.

Why would the security guideline require 600 permissions instead of 644?


Category: security Time: 2016-07-29 Views: 2
Tags: security cron
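
An added example, not part of the original question: because the question reports that with mode 600 an unlisted user can still use crontab, this check lists users who hold a crontab without being on the allow list and prints the file's mode. The function names, the default spool path `/var/spool/cron/crontabs` (Debian/Ubuntu layout) and the exemption of root are assumptions, and the demo data is constructed.

```shell
#!/bin/sh
# Added example: find crontabs whose owner is missing from the allow list.

# allow_mode FILE -> octal permission bits (GNU stat, as shipped on Ubuntu)
allow_mode() {
    stat -c '%a' "$1"
}

# unlisted_crontabs ALLOW_FILE SPOOL_DIR
# Prints each user that has a crontab file in SPOOL_DIR but no exact-match
# line in ALLOW_FILE. Returns 2 if the allow list cannot be read.
unlisted_crontabs() {
    allow=$1
    spool=$2
    if [ ! -r "$allow" ]; then
        echo "cannot read $allow (with mode 600 this needs root)" >&2
        return 2
    fi
    for tab in "$spool"/*; do
        [ -f "$tab" ] || continue          # empty spool or non-file entry
        user=${tab##*/}                    # spool files are named after the user
        [ "$user" = root ] && continue     # assumption: root is not subject to the list
        grep -qxF -- "$user" "$allow" || printf '%s\n' "$user"
    done
}

# Constructed demo: temporary allow list and spool directory, no system files touched.
demo() {
    d=$(mktemp -d)
    mkdir "$d/crontabs"
    printf 'alice\n' > "$d/cron.allow"
    chmod 600 "$d/cron.allow"              # the mode the benchmark asks for
    : > "$d/crontabs/alice"
    : > "$d/crontabs/bob"                  # bob is not on the allow list
    echo "mode: $(allow_mode "$d/cron.allow")"
    echo "unlisted users with a crontab: $(unlisted_crontabs "$d/cron.allow" "$d/crontabs")"
    rm -rf "$d"
}

demo
```

On a real host, run it as root with `unlisted_crontabs /etc/cron.allow /var/spool/cron/crontabs`; any name it prints is a crontab the allow list did not prevent.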

Copyright (C) avrocks.com, All Rights Reserved.