/usr/bin/at and privileges
magetoo at fastmail.fm
Sun Aug 21 18:50:07 PDT 2005
Hello. 'at' doesn't seem to work as it should. (Yes, user is present
in at.allow - at won't even run otherwise.)
# at 5:00
[ ^D ]
Job 1 will be executed using /bin/sh
# su user
$ at 5:00
at: cannot open lockfile /var/at/jobs/.lockfile: Permission denied
/var/at/jobs is owned by daemon.wheel, and 'at' is suid root.
Machine runs 1.3-Preview from 20th of June and hasn't been messed with
except for installing pkgsrc packages.
On my NetBSD machine things look more or less exactly the same, except
that /var/at/* is owned by root.wheel except daemon.wheel (which I suppose
is irrelevant), and that everything works.
So, is at maybe dropping the suid privileges too early or something?
More information about the Bugs