From owner-freebsd-security  Wed Dec 25 01:34:47 1996
Return-Path: <owner-security>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.4/8.8.4) id BAA03735
          for security-outgoing; Wed, 25 Dec 1996 01:34:47 -0800 (PST)
Received: from bitbucket.edmweb.com (bitbucket.edmweb.com [204.244.190.9])
          by freefall.freebsd.org (8.8.4/8.8.4) with SMTP id BAA03727;
          Wed, 25 Dec 1996 01:34:37 -0800 (PST)
Received: from localhost (steve@localhost) by bitbucket.edmweb.com (8.6.12/8.6.12) with SMTP id BAA03267; Wed, 25 Dec 1996 01:34:27 -0800
X-Authentication-Warning: bitbucket.edmweb.com: steve owned process doing -bs
Date: Wed, 25 Dec 1996 01:34:22 -0800 (PST)
From: Steve Reid <steve@edmweb.com>
To: bugtraq@netspace.org, security@freebsd.org, security-officer@freebsd.org
Subject: FALSE ALARM: Re: Another buggy root cron job
In-Reply-To: <Pine.BSF.3.95.961225001440.2706A-100000@bitbucket.edmweb.com>
Message-ID: <Pine.BSF.3.95.961225012941.2706B-100000@bitbucket.edmweb.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

My face is very red. 

>From /etc/weekly:
echo /usr/libexec/locate.updatedb | nice -5 su -m nobody 2>&1 |\
        fgrep -v 'Permission denied'

It's run as nobody.