Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 1 of 1
01-04-2013, 04:10 PM #1
- Join Date
- Jan 2005
- Mauchline, Scotland
- Thanked 1 Time in 1 Post
security concern around adding cron user to web application group
I have a permissions issue on my CentOS 5.6 machine with regards to the cron user.
On my test/staging environment my cron user (picco-cron) is a member of one group - picco-cron, as below:
[crmpicco@1872-stage1 downloads]$ id picco-cron uid=601(picco-cron) gid=601(picco-cron) groups=601(picco-cron)
[root@dev53 dev_crmpicco]# id picco-cron uid=503(picco-cron) gid=503(picco-cron) groups=503(picco-cron),555(dev)
My cron user is pretty much exactly what it sounds like. A user created for the purposes solely of running cron jobs.
My question is - is there a security issue around letting the "cron" user have access to writing to 90% of the directories in my application? Is it as simple as to add picco-cron to the dev group or is there a security concern here?