Home » Misconfiguration »

The Linux utilities cron/at is not restricted to authorized users only

View the security misconfiguration catalog
  • Misconfiguration Name
  • The Linux utilities cron/at is not restricted to authorized users only
  • Description
  • The Linux utilities cron and at are related commands. The cron utility allows you to schedule a repetitive task to take place at any regular interval desired, and the at command lets you specify a one-time action to take place at some desired time. It is recommended to configure /etc/cron.allow and /etc/at.allow to authorize only specific users to use these services and limit the access rights of these files only to default root account.
  • Severity
  • important
  • Category
  • Linux - Cron or At Utilities
  • Resolution
  • Follow the below steps to resolve the misconfiguration. Run the following commands to set permissions and ownership for /etc/cron.allow and /etc/at.allow: chmod og-rwx /etc/cron.allow chmod og-rwx /etc/at.allow chown root:root /etc/cron.allow chown root:root /etc/at.allow
  • Potential issues that may arise after applying the resolution
  • Altering the existing security setting may create the following impact in your network operations.
  • Does remediation require reboot?
  • No

Vulnerability Manager Plus tracks security configurations and remediate misconfigurations in your network systems from a centralized console. View a list of all the security misconfigurations detected by Vulnerability Manager Plus.