Geek Answers Handbook

Safe way to update cron from LAMP web page

I need to be able to update the scheduled runtime for various jobs from a web page, and I'm looking for a safe way to do this on Red Hat Enterprise Linux. Obviously, editing the crontab file directly does not matter, and we restrict PHP access to its application directory. Best of all, I can come up with to create an updated file in the application directory (one level below webroot), then sudo exec a script, which checks the file and moves it to the cron.d directory. Is it safe or is there a better way to do this?

thanks

Mark

+4
source share
3 answers

How to use crontab command? You can create a file in / tmp called newcronjobs.txt using the cron entries you want to add. And calling crontab /tmp/newcronjobs.txt This should add all the new jobs. I would suggest that this is pretty safe, but just a thought.

0
source

It would be best to find one of the various crontab packages, which are basically some scripts that emulate crontab. If you are unable to install something like CPanel or Plesk.

+1
source

For me, this seems like a huge security hole, and I definitely do not recommend writing directly or indirectly in crontab. If you somehow miss at least one small part of the "validators" protection that you mentioned above, an attacker can easily compromise your entire server.

Follow the Jim solution and, if possible, use some kind of structure; I hope, open source and actively developed by several developers.

If all the added processes are similar, I would recommend an alternative, such as creating a cron job that will execute one specific script as an unprivileged user, each lowest common denominator in a few minutes and add all the functionality to execute other processes in this single file and make sure that you copy the code as much as possible and rely on user input as little as possible and make sure that you select all that the user enters.

0
source

More articles:


All Articles