at files and permissions
Bob Wilber
wilber at alice.UUCP
Mon Jul 10 07:29:06 AEST 1989
Brandon S. Allbery writes:
>at needs root permissions so it can setuid() itself to the owner of the at
>job file, so it can execute the job as the user who submitted it.
No. "at" doesn't execute the job file, "atrun" does. (Or, on some systems,
cron itself.) "at" only needs the ability to create a file in the at spool
directory. As I stated in my previous post, this shouldn't require root
capabilities, but on System V, a bug in the setuid(2) command forces "at"
to be run setuid to root.
Bob Wilber
More information about the Comp.unix.wizards
mailing list