From owner-freebsd-questions@FreeBSD.ORG Tue Dec 18 21:11:09 2012 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 4C5D2DB7 for ; Tue, 18 Dec 2012 21:11:09 +0000 (UTC) (envelope-from Devin.Teske@fisglobal.com) Received: from mx1.fisglobal.com (mx1.fisglobal.com [199.200.24.190]) by mx1.freebsd.org (Postfix) with ESMTP id 0DB2C8FC1E for ; Tue, 18 Dec 2012 21:11:08 +0000 (UTC) Received: from smtp.fisglobal.com ([10.132.206.31]) by ltcfislmsgpa06.fnfis.com (8.14.5/8.14.5) with ESMTP id qBILB5I5011169 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT); Tue, 18 Dec 2012 15:11:06 -0600 Received: from [10.0.0.102] (10.14.152.61) by smtp.fisglobal.com (10.132.206.31) with Microsoft SMTP Server (TLS) id 14.2.309.2; Tue, 18 Dec 2012 15:11:04 -0600 Subject: Re: updatedb? MIME-Version: 1.0 (Apple Message framework v1283) Content-Type: text/plain; charset="windows-1252" From: Devin Teske In-Reply-To: Date: Tue, 18 Dec 2012 13:10:59 -0800 Content-Transfer-Encoding: quoted-printable Message-ID: References: To: Walter Hurry X-Mailer: Apple Mail (2.1283) X-Originating-IP: [10.14.152.61] X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.9.8327, 1.0.431, 0.0.0000 definitions=2012-12-18_08:2012-12-18,2012-12-18,1970-01-01 signatures=0 Cc: freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list Reply-To: Devin Teske List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Dec 2012 21:11:09 -0000 On Dec 18, 2012, at 1:01 PM, Walter Hurry wrote: > $ sudo /usr/libexec/locate.updatedb >>>> WARNING >>>> Executing updatedb as root. This WILL reveal all filenames >>>> on your machine to all login users, which is a security risk. > $ >=20 > Why is it a "security risk"? Security through obscurity? Really? In this= =20 > day and age? >=20 > Or am I missing something? You're missing the fact that updatedb essentially makes a list of every fil= e on your disk (and that this list is able to be queried by anybody regardl= ess of permissions or group membership). The best and most notable example of this constituting a "security risk" is= if you've prevented access to a directory=85 root's home-directory (/root)= for example. Illustratively, this would be if you did "chmod go-wrx somedi= r" so that only the owner could see inside it. When you run updatedb as root, it traverses all directories even those that= you may have posted a big "keep out" sign on (aforementioned "chmod"). The= n every non-privileged user on the system can list the contents of your sec= ret hideout with the "keep out" sign posted on it. You might have well buil= t that house out of glass (they can't read the contents of the books on you= r bookshelf, but they can see the covers and know what you've got stocked o= n the shelves). If this doesn't concern you, (and there's plenty of reasons to ignore this = warning -- say, if you operate in a closed environment where trust isn't an= issue and you value the ability to find any file on the system at any time= ) -- then proceed my friend, =85 proceed. Otherwise, it's best to think about running updatedb as a non-privileged us= er that (a) can't use built-in super-user privileges to bypass security set= tings when enumerating the UNIX filesystems you've configured in locate.con= f(5) (optional -- by default it acts sensibly and ignores what you'd expect= it to). --=20 Devin _____________ The information contained in this message is proprietary and/or confidentia= l. If you are not the intended recipient, please: (i) delete the message an= d all copies; (ii) do not disclose, distribute or use the message in any ma= nner; and (iii) notify the sender immediately. In addition, please be aware= that any message addressed to our domain is subject to archiving and revie= w by persons other than the intended recipient. Thank you.