Date: Thu, 26 Dec 1996 00:45:28 +1100
From: Bruce Evans <bde@zeta.org.au>
To: bugtraq@netspace.org, security-officer@freebsd.org, security@freebsd.org, steve@edmweb.com
Subject: Re: FALSE ALARM: Re: Another buggy root cron job
Message-ID: <199612251345.AAA26072@godzilla.zeta.org.au>

>My face is very red.
>
>>From /etc/weekly:
>echo /usr/libexec/locate.updatedb | nice -5 su -m nobody 2>&1 |\
> fgrep -v 'Permission denied'
>
>It's run as nobody.

Indeed. There's a similar potential hole in mkdep. This hole is a bit
larger than the one for the race in mktemp(). No one runs `make depend'
or compiles things as root on public machines, right? ;-)

Bruce