Date: Tue, 30 Jan 2001 12:20:42 +0200 From: Sheldon Hearn <sheldonh@uunet.co.za> To: Stu Pidaso <grim@octet.com> Cc: "Jacques A. Vidrine" <n@nectar.com>, freebsd-security@freebsd.org Subject: Re: cvs commit: src/usr.bin/login login.c Message-ID: <7897.980850042@axl.fw.uunet.co.za> In-Reply-To: Your message of "Tue, 30 Jan 2001 05:08:09 EST." <Pine.BSI.3.96.1010130050213.22700A-100000@ns3.octet.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 30 Jan 2001 05:08:09 EST, Stu Pidaso wrote: > > # Destroy all stale Kerberos5 tickets > > # > > for i in `find /tmp -name 'krb5cc_*' -ctime +1 -print` ; do > > rm -f $i > > done > > and now you can delete you can delete any file in /tmp. > > touch 'krb5cc_1 somefileintmp' and wait. Well spotted. find /tmp -name 'krb5cc_*' -ctime +1 -exec rm -f {} \; I don't use -delete because it's not portable. Of course, the problem is that maximum ticket lifetime is a site- configurable value, which is why it _doesn't_ make sense to put this job in /etc/crontab in the base system. The problem is that you can end up with a large number of stale files in /tmp if you rely on users to run kdestroy religiously. Ciao, Sheldon. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?7897.980850042>