Date: Tue, 18 Dec 2012 13:10:59 -0800 From: Devin Teske <devin.teske@fisglobal.com> To: Walter Hurry <walterhurry@gmail.com> Cc: freebsd-questions@freebsd.org Subject: Re: updatedb? Message-ID: <A127EA10-8ECF-4DFA-8DD7-3C7F4F99B514@fisglobal.com> In-Reply-To: <kaqljd$gj4$1@ger.gmane.org> References: <kaqljd$gj4$1@ger.gmane.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Dec 18, 2012, at 1:01 PM, Walter Hurry wrote: > $ sudo /usr/libexec/locate.updatedb >>>> WARNING >>>> Executing updatedb as root. This WILL reveal all filenames >>>> on your machine to all login users, which is a security risk. > $ >=20 > Why is it a "security risk"? Security through obscurity? Really? In this= =20 > day and age? >=20 > Or am I missing something? You're missing the fact that updatedb essentially makes a list of every fil= e on your disk (and that this list is able to be queried by anybody regardl= ess of permissions or group membership). The best and most notable example of this constituting a "security risk" is= if you've prevented access to a directory=85 root's home-directory (/root)= for example. Illustratively, this would be if you did "chmod go-wrx somedi= r" so that only the owner could see inside it. When you run updatedb as root, it traverses all directories even those that= you may have posted a big "keep out" sign on (aforementioned "chmod"). The= n every non-privileged user on the system can list the contents of your sec= ret hideout with the "keep out" sign posted on it. You might have well buil= t that house out of glass (they can't read the contents of the books on you= r bookshelf, but they can see the covers and know what you've got stocked o= n the shelves). If this doesn't concern you, (and there's plenty of reasons to ignore this = warning -- say, if you operate in a closed environment where trust isn't an= issue and you value the ability to find any file on the system at any time= ) -- then proceed my friend, =85 proceed. Otherwise, it's best to think about running updatedb as a non-privileged us= er that (a) can't use built-in super-user privileges to bypass security set= tings when enumerating the UNIX filesystems you've configured in locate.con= f(5) (optional -- by default it acts sensibly and ignores what you'd expect= it to). --=20 Devin _____________ The information contained in this message is proprietary and/or confidentia= l. If you are not the intended recipient, please: (i) delete the message an= d all copies; (ii) do not disclose, distribute or use the message in any ma= nner; and (iii) notify the sender immediately. In addition, please be aware= that any message addressed to our domain is subject to archiving and revie= w by persons other than the intended recipient. Thank you.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?A127EA10-8ECF-4DFA-8DD7-3C7F4F99B514>