From owner-freebsd-audit Sun Sep 16 9:41:54 2001
Message-Id: <200109161304.f8GD4au37213@grimreaper.grondar.za>
To: Bruce Evans
Cc: audit@FreeBSD.ORG
Subject: Re: WARNS=2 cleanup for lex and yacc
References: <20010915031508.C20847-100000@delplex.bde.org>
In-Reply-To: <20010915031508.C20847-100000@delplex.bde.org> ; from Bruce Evans "Sat, 15 Sep 2001 03:23:03 +1000."
Date: Sun, 16 Sep 2001 14:04:35 +0100
From: Mark Murray

> On Fri, 14 Sep 2001, Mark Murray wrote:
>
> > > Lex is gnu flex so it shouldn't be maintained by FreeBSD.
> >
> > Damn. :-(. OK. What lex(1) did CSRG originally use?
>
> Lite2, at least, seems to have only contrib/flex-2.5.2.

Having actually looked at the code properly :-), our lex is
Berkeley-licensed.

M
--
o Mark Murray
\_ FreeBSD Services Limited
O.\_ Warning: this .sig is umop ap!sdn

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-audit" in the body of the message

From owner-freebsd-audit Mon Sep 17 1:31:15 2001
Date: Mon, 17 Sep 2001 11:28:36 +0300
From: Ruslan Ermilov
To: "Andrew R. Reiter"
Cc: freebsd-audit@FreeBSD.ORG
Subject: Re: dungeon master patch
Message-ID: <20010917112836.D48120@sunbay.com>
References: <20010914123454.B82568@sunbay.com>
In-Reply-To: ; from arr@watson.org on Fri, Sep 14, 2001 at 03:03:17PM -0400

Andrew,

This isn't quite good either -- it silently truncates lines that
are bigger than the allowed amount. How about this instead?
Also, fgetln(3) could be used in place of fgets(3) to read lines
of an arbitrary length, modulo the "last line doesn't end with
newline" issue.

On a side note, I think that we may safely replace strcasecmp()
with strcmp(), as in the original version the first letter of
each known keyword is checked against its lower case.

It could also be easily WARNSified at level 2 by attributing
argc with __unused.

Index: dm.c =================================================================== RCS file: /home/ncvs/src/games/dm/dm.c,v retrieving revision 1.8 diff -u -p -r1.8 dm.c --- dm.c 1999/12/10 02:54:18 1.8 +++ dm.c 2001/09/17 08:23:43
@@ -135,30 +135,40 @@ void read_config() { FILE *cfp; - char lbuf[BUFSIZ], f1[40], f2[40], f3[40], f4[40], f5[40]; + char *lbuf, *f1, *f2, *f3, *f4, *f5; + size_t len; if (!(cfp = fopen(_PATH_CONFIG, "r"))) return; - while (fgets(lbuf, sizeof(lbuf), cfp)) - switch(*lbuf) { - case 'b': /* badtty */ - if (sscanf(lbuf, "%s%s", f1, f2) != 2 || - strcasecmp(f1, "badtty")) - break; + while ((lbuf = fgetln(cfp, &len)) != NULL) { + if (lbuf[len - 1] == '\n') + lbuf[len - 1] = '\0'; + else + break; /* Silently ignore. */ + if ((f1 = strtok(lbuf, " \t")) == NULL) + continue; + if (strcasecmp(f1, "badtty") == 0) { + f2 = strtok(NULL, " \t"); + if (f2 == NULL) + continue; c_tty(f2); - break; - case 'g': /* game */ - if (sscanf(lbuf, "%s%s%s%s%s", - f1, f2, f3, f4, f5) != 5 || strcasecmp(f1, "game")) - break; + } else if (strcasecmp(f1, "game") == 0) { + f2 = strtok(NULL, " \t"); + f3 = strtok(NULL, " \t"); + f4 = strtok(NULL, " \t"); + f5 = strtok(NULL, " \t"); + if (f5 == NULL) + continue; c_game(f2, f3, f4, f5); - break; - case 't': /* time */ - if (sscanf(lbuf, "%s%s%s%s", f1, f2, f3, f4) != 4 || - strcasecmp(f1, "time")) - break; + } else if (strcasecmp(f1, "time") == 0) { + f2 = strtok(NULL, " \t"); + f3 = strtok(NULL, " \t"); + f4 = strtok(NULL, " \t"); + if (f4 == NULL) + continue; c_day(f2, f3, f4); } + } (void)fclose(cfp); }

On Fri, Sep 14, 2001 at 03:03:17PM -0400, Andrew R. Reiter wrote:
> --- dm.c.orig Fri Sep 14 14:00:12 2001 > +++ dm.c Fri Sep 14 14:03:07 2001
> @@ -142,20 +142,20 @@ > while (fgets(lbuf, sizeof(lbuf), cfp)) > switch(*lbuf) { > case 'b': /* badtty */ > - if (sscanf(lbuf, "%s%s", f1, f2) != 2 || > + if (sscanf(lbuf, "%39s%39s", f1, f2) != 2 || > strcasecmp(f1, "badtty")) > break; > c_tty(f2); > break; > case 'g': /* game */ > - if (sscanf(lbuf, "%s%s%s%s%s", > + if (sscanf(lbuf, "%39s%39s%39s%39s%39s", > f1, f2, f3, f4, f5) != 5 || strcasecmp(f1, "game")) > break; > c_game(f2, f3, f4, f5); > break; > case 't': /* time */ > - if (sscanf(lbuf, "%s%s%s%s", f1, f2, f3, f4) != 4 || > - strcasecmp(f1, "time")) > + if (sscanf(lbuf, "%39s%39s%39s%39s", > + f1, f2, f3, f4) != 4 || strcasecmp(f1, "time")) > break; > c_day(f2, f3, f4); > }

--
Ruslan Ermilov		Oracle Developer/DBA,
ru@sunbay.com		Sunbay Software AG,
ru@FreeBSD.org		FreeBSD committer,
+380.652.512.251	Simferopol, Ukraine

http://www.FreeBSD.org	The Power To Serve
http://www.oracle.com	Enabling The Information Age

From owner-freebsd-audit Thu Sep 20 20:57:19 2001
Date: Thu, 20 Sep 2001 20:57:07 -0700
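
Review bot: In the replacement read loop of the dm.c patch above (the "-135,30 +135,40" hunk), the "else break; /* Silently ignore. */" branch discards a final line that has no trailing newline, so the last entry of a config file that does not end in '\n' is dropped with no diagnostic; copying the fgetln(3) result into a NUL-terminated buffer, or at least warning, would keep that entry. The keyword tests also still use strcasecmp() although the "switch(*lbuf)" on a lower-case first letter is removed, so keywords now match in any case, and strtok() skips leading blanks, so indented lines match as well; strcmp(), as the covering message proposes, would keep the old matching.
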
From: "Crist J. Clark"
To: freebsd-audit@freebsd.org
Subject: Misuse of 'nobody' user for locate(1)
Message-ID: <20010920205706.A3050@blossom.cjclark.org>
Reply-To: cjclark@alum.mit.edu

The original purpose of the 'nobody' user was for "anonymous" NFS
access. This is the account to which the superuser on a remote system
is mapped. The idea is to have a user that owns no files on the
system nor is a member of a group that has group ownership of a
file. File access for this user is always determined by the world
permission bits.

This user continues to be used for this purpose and others as
well. Other systems, like Samba, can use 'nobody' as the 'GUEST' user
where again we want a user who only passes world permission
bits. The FreeBSD base system has special uses for 'nobody.'
However, one of these has an implementation flaw.

When building the locate(1) database, the 'nobody' user is used. This
makes perfect sense. Since 'nobody' has no user or group ownership or
special access to files, we get a locate(1) database that only
contains files that everyone can see. However, there is a small bug in
the implementation, the resulting database is owned by 'nobody.' This
violates one of the primary features 'nobody' is meant to have. Let me
say it again, THE 'nobody' USER SHOULD OWN NO FILES ON THE SYSTEM.

Now fixing this is rather straightforward. As the things stand in the
weekly scripts, the database file is created by 'root,' chowned to
'nobody,' and then the update script is run as 'nobody.' The update
script writes the file; this is why the file must be writeable by
'nobody.' My solution is to have the update script write its output to
stdout.
In this way, 'root' can simply redirect the output of the
update script, which is being run under 'nobody,' and the file does
not need to be owned by or writeable by 'nobody.'

To do this, I gutted the ability of the update script to write to a
specific file. It always writes to stdout. This makes sense to me. To
have the weekly script 310.locate work properly, the database location
needed to be specified in two locations, in the update script
(/usr/libexec/locatedb) or its configuration file (/etc/locate.rc) as
well as in 310.locate. I see no reason for the script to have this
ability on its own. The location only need be defined in 310.locate.

Here are the patches. Any comments about them or the whole idea of
eliminating 'nobody' ownership of files? Thanks.

Index: src/etc/periodic/weekly/310.locate =================================================================== RCS file: /export/ncvs/src/etc/periodic/weekly/310.locate,v retrieving revision 1.6 diff -u -r1.6 310.locate --- src/etc/periodic/weekly/310.locate 2000/09/14 17:19:13 1.6 +++ src/etc/periodic/weekly/310.locate 2001/09/21 03:14:09 @@ -18,12 +18,9 @@ locdb=/var/db/locate.database - touch $locdb && rc=0 || rc=3 - chown nobody $locdb || rc=3 - chmod 644 $locdb || rc=3 - cd / - echo /usr/libexec/locate.updatedb | nice -5 su -fm nobody || rc=3 + { echo /usr/libexec/locate.updatedb | + nice -5 su -fm nobody; } > $locdb || rc=3 chmod 444 $locdb || rc=3;; *) rc=0;; Index: src/usr.bin/locate/locate/updatedb.sh =================================================================== RCS file: /export/ncvs/src/usr.bin/locate/locate/updatedb.sh,v retrieving revision 1.17 diff -u -r1.17 updatedb.sh --- src/usr.bin/locate/locate/updatedb.sh 2000/01/12 08:01:01 1.17 +++ src/usr.bin/locate/locate/updatedb.sh 2001/09/21 03:49:55
@@ -44,7 +44,6 @@ : ${mklocatedb:=locate.mklocatedb} # make locate database program -: ${FCODES:=/var/db/locate.database} # the database : ${SEARCHPATHS:="/"} # directories to be put in the database : ${PRUNEPATHS:="/tmp /usr/tmp /var/tmp"} # unwanted directories : ${FILESYSTEMS:="ufs"} # allowed filesystems @@ -81,8 +80,8 @@ $mklocatedb -presort > $tmp then case X"`$find $tmp -size -257c -print`" in - X) cat $tmp > $FCODES;; - *) echo "updatedb: locate database $tmp is empty" + X) cat $tmp;; + *) echo "updatedb: locate database $tmp is empty" >&2 exit 1 esac fi Index: src/usr.bin/locate/locate/locate.rc =================================================================== RCS file: /export/ncvs/src/usr.bin/locate/locate/locate.rc,v retrieving revision 1.8 diff -u -r1.8 locate.rc --- src/usr.bin/locate/locate/locate.rc 1999/08/28 01:02:59 1.8 +++ src/usr.bin/locate/locate/locate.rc 2001/09/21 03:14:25 @@ -9,9 +9,6 @@ # temp directory #TMPDIR="/tmp" -# the actual database -#FCODES="/var/db/locate.database" - # directories to be put in the database #SEARCHPATHS="/"

--
Crist J. Clark                           cjclark@alum.mit.edu

From owner-freebsd-audit Fri Sep 21 0: 8:19 2001
Date: Fri, 21 Sep 2001 10:07:45 +0300
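
Review bot: In the 310.locate hunk of the patch above, the redirection in "{ ...; } > $locdb" truncates the existing database before locate.updatedb has produced anything, so a failed run, including the "database ... is empty" branch that still does "exit 1" in updatedb.sh, leaves an empty /var/db/locate.database, where the old "cat $tmp > $FCODES" only overwrote it after the size check had passed; have root redirect into a temporary file next to $locdb and rename it into place only when the pipeline succeeds. The removed "touch $locdb && rc=0 || rc=3" was also the only assignment of rc=0 visible in this case branch, so unless rc is initialised outside the hunk the success path no longer sets it.
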
From: Ruslan Ermilov
To: cjclark@alum.mit.edu
Cc: freebsd-audit@FreeBSD.ORG
Subject: Re: Misuse of 'nobody' user for locate(1)
Message-ID: <20010921100745.G27714@sunbay.com>
References: <20010920205706.A3050@blossom.cjclark.org>
In-Reply-To: <20010920205706.A3050@blossom.cjclark.org>; from cristjc@earthlink.net on Thu, Sep 20, 2001 at 08:57:07PM -0700

Not looking into the implementation, the idea sounds reasonable.

On Thu, Sep 20, 2001 at 08:57:07PM -0700, Crist J. Clark wrote:
> The original purpose of the 'nobody' user was for "anonymous" NFS
> access. This is the account to which the superuser on a remote system
> is mapped. The idea is to have a user that owns no files on the
> system nor is a member of a group that has group ownership of a
> file. File access for this user is always determined by the world
> permission bits.
>
> This user continues to be used for this purpose and others as
> well. Other systems, like Samba, can use 'nobody' as the 'GUEST' user
> where again we want a user who only passes world permission
> bits. The FreeBSD base system has special uses for 'nobody.'
> However, one of these has an implementation flaw.
>
> When building the locate(1) database, the 'nobody' user is used. This
> makes perfect sense. Since 'nobody' has no user or group ownership or
> special access to files, we get a locate(1) database that only
> contains files that everyone can see. However, there is a small bug in
> the implementation, the resulting database is owned by 'nobody.' This
> violates one of the primary features 'nobody' is meant to have. Let me
> say it again, THE 'nobody' USER SHOULD OWN NO FILES ON THE SYSTEM.
>
> Now fixing this is rather straightforward. As the things stand in the
> weekly scripts, the database file is created by 'root,' chowned to
> 'nobody,' and then the update script is run as 'nobody.' The update
> script writes the file; this is why the file must be writeable by
> 'nobody.' My solution is to have the update script write its output to
> stdout. In this way, 'root' can simply redirect the output of the
> update script, which is being run under 'nobody,' and the file does
> not need to be owned by or writeable by 'nobody.'
>
> To do this, I gutted the ability of the update script to write to a
> specific file. It always writes to stdout. This makes sense to me. To
> have the weekly script 310.locate work properly, the database location
> needed to be specified in two locations, in the update script
> (/usr/libexec/locatedb) or its configuration file (/etc/locate.rc) as
> well as in 310.locate. I see no reason for the script to have this
> ability on its own. The location only need be defined in 310.locate.
>
> Here are the patches. Any comments about them or the whole idea of
> eliminating 'nobody' ownership of files? Thanks.

Cheers,
--
Ruslan Ermilov		Oracle Developer/DBA,
ru@sunbay.com		Sunbay Software AG,
ru@FreeBSD.org		FreeBSD committer,
+380.652.512.251	Simferopol, Ukraine

http://www.FreeBSD.org	The Power To Serve
http://www.oracle.com	Enabling The Information Age

From owner-freebsd-audit Fri Sep 21 5:43:17 2001
Date: Fri, 21 Sep 2001 22:42:31 +1000 (EST)
From: Bruce Evans
Subject: Re: Misuse of 'nobody' user for locate(1)
In-Reply-To: <20010920205706.A3050@blossom.cjclark.org>
Message-ID: <20010921221010.C75698-100000@delplex.bde.org>

On Thu, 20 Sep 2001, Crist J. Clark wrote:

> The original purpose of the 'nobody' user was for "anonymous" NFS
> access. This is the account to which the superuser on a remote system
> is mapped. ...

This has rotted under FreeBSD. The superuser is mapped to (uid_t)-2,
which is 0xFFFFFFFE, but "nobody" has uid 0xFFFE.

> Here are the patches. Any comments about them or the whole idea of
> eliminating 'nobody' ownership of files? Thanks.

This seems reasonable.

> Index: src/etc/periodic/weekly/310.locate > =================================================================== > RCS file: /export/ncvs/src/etc/periodic/weekly/310.locate,v > retrieving revision 1.6 > diff -u -r1.6 310.locate > --- src/etc/periodic/weekly/310.locate 2000/09/14 17:19:13 1.6 > +++ src/etc/periodic/weekly/310.locate 2001/09/21 03:14:09
> @@ -18,12 +18,9 @@ > > locdb=/var/db/locate.database > > - touch $locdb && rc=0 || rc=3 > - chown nobody $locdb || rc=3 > - chmod 644 $locdb || rc=3 > - > cd / > - echo /usr/libexec/locate.updatedb | nice -5 su -fm nobody || rc=3 > + { echo /usr/libexec/locate.updatedb | > + nice -5 su -fm nobody; } > $locdb || rc=3 > chmod 444 $locdb || rc=3;; > > *) rc=0;;

src/etc/Makefile still installs /var/db/locate.database with bogus
ownership nobody:wheel and insecure mode 644. 644 would be correct
if the file were owned by root. Then the "chmod 444" would be redundant.

> Index: src/usr.bin/locate/locate/updatedb.sh > =================================================================== > RCS file: /export/ncvs/src/usr.bin/locate/locate/updatedb.sh,v > retrieving revision 1.17 > diff -u -r1.17 updatedb.sh > --- src/usr.bin/locate/locate/updatedb.sh 2000/01/12 08:01:01 1.17 > +++ src/usr.bin/locate/locate/updatedb.sh 2001/09/21 03:49:55 > @@ -44,7 +44,6 @@ > > > : ${mklocatedb:=locate.mklocatedb} # make locate database program > -: ${FCODES:=/var/db/locate.database} # the database > : ${SEARCHPATHS:="/"} # directories to be put in the database > : ${PRUNEPATHS:="/tmp /usr/tmp /var/tmp"} # unwanted directories > : ${FILESYSTEMS:="ufs"} # allowed filesystems > @@ -81,8 +80,8 @@ > $mklocatedb -presort > $tmp > then > case X"`$find $tmp -size -257c -print`" in > - X) cat $tmp > $FCODES;; > - *) echo "updatedb: locate database $tmp is empty" > + X) cat $tmp;; > + *) echo "updatedb: locate database $tmp is empty" >&2 > exit 1 > esac > fi

The man page needs corresponding changes.

> Index: src/usr.bin/locate/locate/locate.rc > =================================================================== > RCS file: /export/ncvs/src/usr.bin/locate/locate/locate.rc,v > retrieving revision 1.8 > diff -u -r1.8 locate.rc > --- src/usr.bin/locate/locate/locate.rc 1999/08/28 01:02:59 1.8 > +++ src/usr.bin/locate/locate/locate.rc 2001/09/21 03:14:25
> @@ -9,9 +9,6 @@ > # temp directory > #TMPDIR="/tmp" > > -# the actual database > -#FCODES="/var/db/locate.database" > - > # directories to be put in the database > #SEARCHPATHS="/" >

The location was supposed to be controlled by /etc/rc.locate, with the
update script providing a default. It was another bug that the periodic
script hard-coded the location.

Bruce

From owner-freebsd-audit Fri Sep 21 10: 9:58 2001
Date: Fri, 21 Sep 2001 10:09:14 -0700
From: "Crist J. Clark"
To: Bruce Evans
Cc: freebsd-audit@FreeBSD.ORG
Subject: Re: Misuse of 'nobody' user for locate(1)
Message-ID: <20010921100914.A980@blossom.cjclark.org>
Reply-To: cjclark@alum.mit.edu
References: <20010920205706.A3050@blossom.cjclark.org> <20010921221010.C75698-100000@delplex.bde.org>
In-Reply-To: <20010921221010.C75698-100000@delplex.bde.org>; from bde@zeta.org.au on Fri, Sep 21, 2001 at 10:42:31PM +1000

On Fri, Sep 21, 2001 at 10:42:31PM +1000, Bruce Evans wrote:
> On Thu, 20 Sep 2001, Crist J. Clark wrote:

Thanks for the good suggestions.

> The location was supposed to be controlled by /etc/rc.locate, with the
> update script providing a default. It was another bug that the periodic
> script hard-coded the location.

It might also be considered a bug that the location of the database is
hardcoded into locate(1). I would have expected locate(1) to check the
/etc/locate.rc file. However, it does not.

If I make these changes, that point is moot.
--
Crist J. Clark                           cjclark@alum.mit.edu

From owner-freebsd-audit Sat Sep 22 12: 2:53 2001
Date: Sun, 23 Sep 2001 05:02:08 +1000 (EST)
From: Bruce Evans
Subject: Re: Misuse of 'nobody' user for locate(1)
In-Reply-To: <20010921100914.A980@blossom.cjclark.org>
Message-ID: <20010923050014.V9351-100000@delplex.bde.org>

On Fri, 21 Sep 2001, Crist J. Clark wrote:

> On Fri, Sep 21, 2001 at 10:42:31PM +1000, Bruce Evans wrote:
> > The location was supposed to be controlled by /etc/rc.locate, with the
> > update script providing a default. It was another bug that the periodic
> > script hard-coded the location.
>
> It might also be considered a bug that the location of the database is
> hardcoded into locate(1). I would have expected locate(1) to check the
> /etc/locate.rc file. However, it does not.
>
> If I make these changes, that point is moot.

OK, please make them.

Bruce
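
The dm.c exchange earlier in this thread turns on what a width-limited sscanf() does with an over-long field and on reading a counted line as fgetln(3) returns it. The following is an added example, not code from the thread or from FreeBSD: it scans one constructed "time" line both ways. The function names, the sample line, and the use of a caller-supplied (buf, len) pair in place of a real fgetln(3) call are assumptions made here so that it builds with any C library.

```c
/* Added example, not code from the thread; all names are hypothetical. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* "time" line scanned as in the quoted "%39s" patch. Returns the number of
 * fields converted. A field longer than 39 bytes is not rejected: its tail
 * is converted as the next field, so the count can still be 4. */
int scan_time_fixed(const char *line, char f[4][40])
{
	return sscanf(line, "%39s%39s%39s%39s", f[0], f[1], f[2], f[3]);
}

/* Split a counted line (buf, len) as fgetln(3) returns it: no terminating
 * NUL, and the last line of a file may lack '\n'. Tokens point into a
 * malloc'd copy that the caller frees. Returns NULL if malloc fails;
 * *nf receives the number of tokens stored (at most max). */
char *split_counted(const char *buf, size_t len, char **f, int max, int *nf)
{
	char *copy, *tok;

	*nf = 0;
	if (len > 0 && buf[len - 1] == '\n')
		len--;				/* the newline is optional */
	if ((copy = malloc(len + 1)) == NULL)
		return NULL;
	memcpy(copy, buf, len);
	copy[len] = '\0';			/* terminate the copy ourselves */
	for (tok = strtok(copy, " \t"); tok != NULL && *nf < max;
	    tok = strtok(NULL, " \t"))
		f[(*nf)++] = tok;
	return copy;
}

/* Constructed input: "time", a 45-byte second field, then "8 17", with no
 * trailing newline. Writes 55 bytes plus a NUL to out and returns 55. */
size_t make_sample(char *out)
{
	memcpy(out, "time ", 5);
	memset(out + 5, 'd', 45);
	memcpy(out + 50, " 8 17", 6);
	return 55;
}

/* Length of the second field as each parser sees it, -1 on a parse error. */
int second_field_fixed(void)
{
	char line[64], f[4][40];
	make_sample(line);
	return scan_time_fixed(line, f) == 4 ? (int)strlen(f[1]) : -1;
}

int second_field_counted(void)
{
	char line[64], *f[4], *copy;
	int nf, n;
	if ((copy = split_counted(line, make_sample(line), f, 4, &nf)) == NULL)
		return -1;
	n = (nf == 4) ? (int)strlen(f[1]) : -1;
	free(copy);
	return n;
}

int main(void)
{
	printf("sscanf %%39s: %d bytes, counted split: %d bytes\n",
	    second_field_fixed(), second_field_counted());
	return 0;
}
```

With the width-limited scan the remaining six bytes of the long field arrive as the third field and "8" as the fourth, so a "!= 4" check passes on shifted values.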