At Feb 24, 11:33am, Ben Taylor <bent@snm.com> tapped on the keyboard: : > Are you going to write a program that checks to see if root's cronjob has : > been modified? Probably not, and if someone has access to /dev/nit, they're : > going to have access to root's cronjob as well. : : I suppose if you really wanted to make sure that crontab entries couldn't : be changed is to put them on a write protected floppy, mounted at boot. The best thing to do is to run tripwire from a read-only device (like a floppy) from which you can check the integrity of any number of files, like crontab. ftp://coast.cs.purdue.edu/pub/COAST/Tripwire -- Eiji Hirai The NetMarket Company eiji@netmarket.com