581534 – sys-process/vixie-cron-4.1-r14: /etc/crontab world readable contrary to man page recommendation 0600

Bug 581534 - sys-process/vixie-cron-4.1-r14: /etc/crontab world readable contrary to man page recommendation 0600

Summary: sys-process/vixie-cron-4.1-r14: /etc/crontab world readable contrary to man p...

Status:	RESOLVED OBSOLETE

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	[OLD] Core system (show other bugs)
Hardware:	All Linux

Importance:	Normal normal
Deadline:	2019-10-11
Assignee:	No maintainer - Look at https://wiki.gentoo.org/wiki/Project:Proxy_Maintainers if you want to take care of it

URL:
Whiteboard:
Keywords:	PMASKED

Depends on:
Blocks:

Reported:	2016-04-29 12:22 UTC by John Einar Reitan
Modified:	2019-10-11 15:07 UTC (History)
CC List:	2 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description John Einar Reitan 2016-04-29 12:22:06 UTC

sys-process/vixie-cron-4.1-r14: 
cron's manpage has the following under CAVEATS:
"In this version of cron, /etc/crontab must not be readable or writable by any user other than root.  In other words, it should be mode 0600."

After installing sys-process/vixie-cron the file is installed as world-readable, contradicting the manpage CAVEAT entry.






Reproducible: Always

Steps to Reproduce:
1. chmod 0600 /etc/crontab, so any existing file is clearly correct (-rw-------) 
2. emerge sys-process/vixie-cron
3. ls -l /etc/crontab shows file as '-rw-r--r--'
Actual Results:  
ls -la /etc/crontab
-rw-r--r-- 1 root root 496 Apr 29 14:13 /etc/crontab


Expected Results:  
ls -la /etc/crontab
-rw------- 1 root root 496 Apr 29 14:13 /etc/crontab

Comment 1 John Einar Reitan 2016-04-29 13:04:58 UTC

I don't know if it's the manpage which is out-of-date or if the file has the wrong permissions.

Comment 2 Michał Górny archtester

2019-10-11 15:07:54 UTC

Package removed.