Linux 101 : Crontab security
The configuration file for crontab is "/etc/crontab".
We can configure crontab tasks using the below command:
We could also list the scheduled tasks using the below command:
To restrict access to the crontab system, we use below files:
- "/etc/cron.deny".
- "/etc/cron.allow".
Both files contains a list of users, for example:
If only the "/etc/cron.deny" file is present on our system, users in this file can't run the crontab commands.
If only the "/etc/cron.allow" file is present on our system, only the users mentioned in this file can run the crontab commands.
In case none of the files "/etc/cron.deny" and "/etc/cron.allow" are present, usually only the "root" user can use the crontab commands, but if the two files exist on a system, "/etc/cron.allow" take precedence over the "/etc/cron.deny" file.
Remark:
On some Linux distribution the crontab security files are located in "/etc/cron.d/cron.allow" and "/etc/cron.d/cron.deny".
Comments