HPE Community
Operating System - HP-UX
1821625 Members
3313 Online
109633 Solutions
New Discussion юеВ

Re: view crontab -l as non root user

 
Franky Leeuwerck_1
Regular Advisor

тАО02-05-2003 07:45 AM

тАО02-05-2003 07:45 AM

view crontab -l as non root user

How can a non root user get the output of the crontab -l command for root ?
(only viewing is necessary, not editing)

Franky
0 Kudos
Reply
10 REPLIES 10
Steve Steel
Honored Contributor

тАО02-05-2003 07:54 AM

тАО02-05-2003 07:54 AM

Re: view crontab -l as non root user

Hi

Go to
http://hpux.cs.utah.edu/hppd/hpux/Sysadmin/sudo-1.6.6/


Install sudo

sudo-1.6.6
A package to allow commands to be run as the superuser. Sudo determines who is an authorised user by consulting your /etc/sudoers database. The program prompts for a user's password to initiate a validation period of N minutes, here N is defined at installation time. N.B. There is no easy way to prevent a user from gaining a root shell if he has access to commands that are shell scripts or that allow shell escapes.



regards

Steve Steel

Note. this is public domain
If you want truly to understand something, try to change it. (Kurt Lewin)
0 Kudos
Reply
Paul Sperry
Honored Contributor

тАО02-05-2003 07:54 AM

тАО02-05-2003 07:54 AM

Re: view crontab -l as non root user

sudo-1.6.6 (8 May 2002)
A package to allow commands to be run as the superuser

super-3.9.7 (29 Apr 1997)
Super allows users to execute commands as a superuser

both can be found here:
http://hpux.cs.utah.edu/

search for super or sudo
0 Kudos
Reply
Ken Hubnik_2
Honored Contributor

тАО02-05-2003 07:55 AM

тАО02-05-2003 07:55 AM

Re: view crontab -l as non root user

I tried this but not sure what other effects it would have.
chmod 444 /var/spool/cron/crontabs/root

more /var/spool/cron/crontabs/root
0 Kudos
Reply
Steve Steel
Honored Contributor

тАО02-05-2003 07:56 AM

тАО02-05-2003 07:56 AM

Re: view crontab -l as non root user

Hi


You could just run a cronjob every hour or so which does crontab -l to another file


steve Steel
If you want truly to understand something, try to change it. (Kurt Lewin)
0 Kudos
Reply
Franky Leeuwerck_1
Regular Advisor

тАО02-05-2003 08:00 AM

тАО02-05-2003 08:00 AM

Re: view crontab -l as non root user

Thanks all for your hints for tools like Sudo and Super, but scheduling a job as root which output crontab -l to a file is the simpliest way. Thanks Steve.

Regards to all,

Franky
0 Kudos
Reply
Ravi_8
Honored Contributor

тАО02-05-2003 08:01 AM

тАО02-05-2003 08:01 AM

Re: view crontab -l as non root user

Hi,

sudo will help you,
this will available at the link posted by Steve

giving the permision for that user to read can view crontab of root
never give up
0 Kudos
Reply
Thierry Poels_1
Honored Contributor

тАО02-05-2003 08:12 AM

тАО02-05-2003 08:12 AM

Re: view crontab -l as non root user

Hi guys,

I'm not a "sudo" or "super" expert, but I'm afraid they work on command basis, and not on parameter level. So if you allow somebody to use a command through sudo or super they will also be able to use:
crontab -e user
crontab -r user
next to the wanted crontab -l user

Hope I'm wrong however.

Otherwise regular dump to a file, accessible by the required user, would be the least insecure option.

regards,
Thierry.
All unix flavours are exactly the same . . . . . . . . . . for end users anyway.
0 Kudos
Reply
Jose Mosquera
Honored Contributor

тАО02-05-2003 08:15 AM

тАО02-05-2003 08:15 AM

Re: view crontab -l as non root user

Hi,

A very easy way to **view** cron file of any user is the followin:

Every cron files are created into /var/spool/cron/crontabs directory. A user have a file with a specific restrictive mode, generally readable only by the owner. If you expand mode readable permission (a risky security factor) to group or other user you can access this file with a simple "cat /var/spool/cron/crontabs/root"

Rgds.
0 Kudos
Reply
Chuck Higgins
Occasional Advisor

тАО02-05-2003 08:42 PM

тАО02-05-2003 08:42 PM

Re: view crontab -l as non root user

I like Thierry's answer. Just create another entry in the root crontab that runs crontab -l and outputs it to a file. Then you don't have to worry about changing permissions on the files (which could possibly be changed back next time crontab -e is run).

Sudo has many uses but you have to be careful with it. I remember going to a site where they had given sudo permissions to vi! Hmmm, if you can start vi with root permissions, not much you can't do. Same thing with crontab, which could allow anyone to create a cron job to give themselves a root account.

Chuck
0 Kudos
Reply
Robin Wakefield
Honored Contributor

тАО02-06-2003 12:45 AM

тАО02-06-2003 12:45 AM

Re: view crontab -l as non root user

Hi,

It's a good idea anyway to backup your cron files using "crontab -l > filename" - it's saved me on a number of occasions without having to resort to tapes...

rgds, Robin
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.