HPE Community
Operating System - HP-UX
1831647 Members
2115 Online
110029 Solutions
New Discussion

/var/spool/cron/tmp directory permission

 
SOLVED
Go to solution
Dewa Negara_4
Regular Advisor

‎10-04-2004 03:03 PM

‎10-04-2004 03:03 PM

/var/spool/cron/tmp directory permission

Hi All,

Because of some security reasons, I plan to change the permission of directory /var/spool/cron/tmp to 1775 instead of 1777.

# ll -d /var/spool/cron/tmp
drwxrwxrwt 2 root root 1024 Oct 4 22:47 /var/spool/cron/tmp

Can anyone help to to clarify what is the impact of the change? Can we do that? If not what is the reason? Please help. High score will be given.

Thanks and Best Regards,
Negara
Santos
0 Kudos
Reply
3 REPLIES 3
Michael Tully
Honored Contributor

‎10-04-2004 04:09 PM

‎10-04-2004 04:09 PM

Solution

Re: /var/spool/cron/tmp directory permission

I see nothing wrong with the change you intend making. I have checked a few of my servers, and they have what you propose.

# ll -ld /var/spool/cron/tmp
drwxrwxrwt 2 root root 69632 Oct 5 13:38 /var/spool/cron/tmp
Anyone for a Mutiny ?
Reply
Dewa Negara_4
Regular Advisor

‎10-04-2004 04:35 PM

‎10-04-2004 04:35 PM

Re: /var/spool/cron/tmp directory permission

Hi Michael,

Thanks alot.

Is there any impact if we change it to 1775?

Thanks and Best Regards,
Negara
Santos
0 Kudos
Reply
Muthukumar_5
Honored Contributor

‎10-04-2004 08:11 PM

‎10-04-2004 08:11 PM

Re: /var/spool/cron/tmp directory permission

We can separate file permission as,



d rwx rwx rwt

/var/spool/cron/tmp file can be executed by every one. But can be deleted / renamed only by super user or owner of the file. If you change the permission 1777 to 1775 then other users can not write in that specific file there. IF you don't want to write that directory by others then change that permission.

( See on chmod+1 man page for sticky bit informations )

But keep default permission there. It will not be going to make any issues there.

HTH.
Easy to suggest when don't know about the problem!
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.