Date: Fri, 24 Apr 1998 21:25:38 +0000
From: Niall Smart <rotel@indigo.ie>
To: Nicholas Charles Brawn <ncb05@uow.edu.au>, freebsd-security@FreeBSD.ORG
Subject: Re: Symlinks again...
Message-ID: <199804242025.VAA00581@indigo.ie>
In-Reply-To: Nicholas Charles Brawn <ncb05@uow.edu.au> "Re: Symlinks again..." (Apr 24, 8:40pm)

On Apr 24, 8:40pm, Nicholas Charles Brawn wrote:
} Subject: Re: Symlinks again...
>
> Upon a little debate over whether or not /etc/weekly su's to nobody before
> running locate.updatedb, I checked it out myself.
>
> From /etc/weekly:
> echo ""
> echo "Rebuilding locate database:"
> locdb=/var/db/locate.database
> touch ${locdb}; chown nobody ${locdb}; chmod 644 ${locdb}
> echo /usr/libexec/locate.updatedb | nice -5 su -fm nobody 2>&1 |\
> fgrep -v 'Permission denied'                ^^^^^^^^^^^^^
> chmod 444 ${locdb}
>
> I stand corrected. :)
The code is still wrong though, an account is compromisable. I
would submit a PR. mktemp(1) should be ported to -stable to make
fixing/avoiding this type of thing easier. Any takers?
Niall
--
Niall Smart. PGP: finger njs3@motmot.doc.ic.ac.uk
FreeBSD: Turning PC's into Workstations: www.freebsd.org
Annoy your enemies and astonish your friends:
echo "#define if(x) if (!(x))" >> /usr/include/stdio.h
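
As an added illustration (not part of the original message and not FreeBSD's own script), the sketch below shows the general class of problem that mktemp(1) is meant to avoid, assuming a script that writes to a predictable temporary name. The function names, the `example.*` file names and the scratch directory are hypothetical.

```sh
#!/bin/sh
# Added illustration; function and file names here are hypothetical.

# Weak pattern: a name built from the PID can be guessed ahead of time, and
# a plain ">" redirect follows a symlink already sitting at that name.
write_predictable() {   # $1 = directory, $2 = data
    printf '%s\n' "$2" > "$1/example.$$"
}

# Hardened pattern: mktemp(1) picks an unpredictable name and creates the
# file exclusively, failing rather than reusing an existing file or symlink.
write_mktemp() {        # $1 = directory, $2 = data; prints the new path
    tmp=$(mktemp "$1/example.XXXXXXXXXX") || return 1
    printf '%s\n' "$2" > "$tmp"
    printf '%s\n' "$tmp"
}

# Self-check in a private scratch directory: put a symlink at the
# predictable name, run both writers, and report what each did to the
# file the symlink points at. Prints "<after weak>|<after hardened>".
symlink_check() {
    scratch=$(mktemp -d "${TMPDIR:-/tmp}/symcheck.XXXXXXXXXX") || return 1
    printf 'original\n' > "$scratch/decoy"
    ln -s "$scratch/decoy" "$scratch/example.$$"

    write_predictable "$scratch" "new data"
    after_weak=$(cat "$scratch/decoy")

    printf 'original\n' > "$scratch/decoy"
    made=$(write_mktemp "$scratch" "new data") || { rm -rf "$scratch"; return 1; }
    after_safe=$(cat "$scratch/decoy")
    if [ -L "$made" ]; then after_safe="symlink"; fi

    rm -rf "$scratch"
    printf '%s|%s\n' "$after_weak" "$after_safe"
}

symlink_check   # prints: new data|original
```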
