From owner-freebsd-bugs Sat Feb 9 18:30:10 2002 Delivered-To: freebsd-bugs@hub.freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id 4D47B37B41B for ; Sat, 9 Feb 2002 18:30:01 -0800 (PST) Received: (from gnats@localhost) by freefall.freebsd.org (8.11.6/8.11.6) id g1A2U1C89048; Sat, 9 Feb 2002 18:30:01 -0800 (PST) (envelope-from gnats) Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id 24DFF37B402 for ; Sat, 9 Feb 2002 18:29:52 -0800 (PST) Received: (from nobody@localhost) by freefall.freebsd.org (8.11.6/8.11.6) id g1A2TqT88107; Sat, 9 Feb 2002 18:29:52 -0800 (PST) (envelope-from nobody) Message-Id: <200202100229.g1A2TqT88107@freefall.freebsd.org> Date: Sat, 9 Feb 2002 18:29:52 -0800 (PST) From: "f. johan beisser" To: freebsd-gnats-submit@FreeBSD.org X-Send-Pr-Version: www-1.0 Subject: conf/34780: locate(1)'s database is generated with root permissions Sender: owner-freebsd-bugs@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org >Number: 34780 >Category: conf >Synopsis: locate(1)'s database is generated with root permissions >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Sat Feb 09 18:30:01 PST 2002 >Closed-Date: >Last-Modified: >Originator: f. johan beisser >Release: -CURRENT. problem also exists in -STABLE. >Organization: >Environment: >Description: the locate(1) database is generated with root permissions. this allows any user to find the existance of any other users files through the locate(1) command. this means doing a search for any users login, you can get a list of all of the files in their home direcotry, no matter what permissions the file has. technically, this is a privacy violation by periodic(8). locate.mklocatedb creates the /var/db/locate.database as whoever the invoking user happens to be. since 310.locate (/etc/periodic/weekly/310.locate) is called by root, it doesn't pay any attention to user set permissions while generating the database. >How-To-Repeat: it's repeated every week by periodic(8). >Fix: stop generating the locate database as the root user. the other option is to set up locate(1) a bit more securely via adjusting the locate.rc (/etc/locate.rc) or by excluding user home directories (/usr/home) automagically. >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message