Hacker News new | past | comments | ask | show | jobs | submit login

Setting up /etc/cron.allow with only specified users (I.E _not_ your webserver user) is a good thing to do on servers generally.

If you have cronjobs that need to run as a webserver user, setup another user specifically for the task, then in sudoers configuration explicitly allow that user to run the required command in the context of the webserver user.

Yes, this kind of simple fix can save many headaches.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact