Allowing users to remove files in /usr/spool/at

[Stephen D Carter]

>From article <2823 at baird.cs.strath.ac.uk>, by jim at cs.strath.ac.uk (Jim Reid):
> In article <2409 at syma.sussex.ac.uk> andy at syma.sussex.ac.uk (Andy Clews) writes:
> 
>>
>>Can anyone suggest a way in which I can give this sort of access to
>>/usr/spool/at without compromising system security by allowing the world
>>to write to it? I'm a bit wary of creating a setuid'd program to do it.
> 
> Well, there's no need for a setuid program at all. (Or setgid for that
> matter either.) Just have the user run a script to identify the appropriate
> shell script. All that's then needed is to delete the contents of the file.
> The at daemon will run the now empty file at the appointed time and then
> delete it. Since the user already owns the shell script, this does not
> require any special setuid/setgid permissions.
> 

I'm not happy with this reply.  It is a workaround and not a resolution.
In a real world the users should not have to effectivelt delete their
file - after all they might want to run that job again.  While folks
like Andy, you and me who are clearly not naive users couls cope with
this, think about how naive users in offices running applications
systems will cope.  They just want to at a job, then having realised
they don't, they want to drop it, not delete it.

Stephen Carter, Systems Manager, The Administration,
The University of Sussex, Falmer, Brighton BN1 9RH, UK
Tel: +44 273 678203  Fax: +44 273 678335     JANET: stevedc at uk.ac.sussex.syma
EARN/BITNET  : stevedc at syma.sussex.ac.uk      UUCP: stevedc at syma.uucp
ARPA/INTERNET: stevedc%syma.sussex.ac.uk at nsfnet-relay.ac.uk