[lug] Why cron.allow and cron.deny?

Rob Nagler nagler at bivio.biz
Mon Jan 13 10:55:46 MST 2014

Thanks.  I understand the sentiment.

Unfortunately, features like this can be perceived as providing
security so they get used in contexts which cause more problems than
they solve.

I'm sure the RHEL certification course tells certifiables to have a
cron.allow, and only put root in it.  Then people create cron jobs as
root, because they think it would be a security hole to create a job
as, say, apache or postgres.


More information about the LUG mailing list