From owner-freebsd-security Tue Jan 30 2:21:53 2001 Delivered-To: freebsd-security@freebsd.org Received: from lists01.iafrica.com (lists01.iafrica.com [196.7.0.141]) by hub.freebsd.org (Postfix) with ESMTP id 5A97837B6B5 for ; Tue, 30 Jan 2001 02:21:23 -0800 (PST) Received: from nwl.fw.uunet.co.za ([196.31.2.162]) by lists01.iafrica.com with esmtp (Exim 3.12 #2) id 14NXuV-0000B8-00; Tue, 30 Jan 2001 12:21:15 +0200 Received: (from nobody@localhost) by nwl.fw.uunet.co.za (8.8.8/8.6.9) id MAA17166; Tue, 30 Jan 2001 12:21:13 +0200 (SAST) Received: by nwl.fw.uunet.co.za via recvmail id 16961; Tue Jan 30 12:20:43 2001 Received: from sheldonh (helo=axl.fw.uunet.co.za) by axl.fw.uunet.co.za with local-esmtp (Exim 3.20 #1) id 14NXty-00023O-00; Tue, 30 Jan 2001 12:20:42 +0200 From: Sheldon Hearn To: Stu Pidaso Cc: "Jacques A. Vidrine" , freebsd-security@freebsd.org Subject: Re: cvs commit: src/usr.bin/login login.c In-reply-to: Your message of "Tue, 30 Jan 2001 05:08:09 EST." Date: Tue, 30 Jan 2001 12:20:42 +0200 Message-ID: <7897.980850042@axl.fw.uunet.co.za> Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Tue, 30 Jan 2001 05:08:09 EST, Stu Pidaso wrote: > > # Destroy all stale Kerberos5 tickets > > # > > for i in `find /tmp -name 'krb5cc_*' -ctime +1 -print` ; do > > rm -f $i > > done > > and now you can delete you can delete any file in /tmp. > > touch 'krb5cc_1 somefileintmp' and wait. Well spotted. find /tmp -name 'krb5cc_*' -ctime +1 -exec rm -f {} \; I don't use -delete because it's not portable. Of course, the problem is that maximum ticket lifetime is a site- configurable value, which is why it _doesn't_ make sense to put this job in /etc/crontab in the base system. The problem is that you can end up with a large number of stale files in /tmp if you rely on users to run kdestroy religiously. Ciao, Sheldon. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message