Date: Wed, 22 May 1996 08:21:47 -0700 (PDT) From: "Rodney W. Grimes" <rgrimes@GndRsh.aac.dev.com> To: beurton@fnet.fr (Luc Beurton) Cc: freebsd-security@freebsd.org Subject: Re: [linux-security] Things NOT to put in root's crontab (fwd) Message-ID: <199605221521.IAA14176@GndRsh.aac.dev.com> In-Reply-To: <199605221024.LAA00905@nil.fnet.fr> from Luc Beurton at "May 22, 96 11:24:56 am"
next in thread | previous in thread | raw e-mail | index | archive | help
...
> #
> #/etc/rc is not the problem, /etc/*ly is:
> #SkyRsh# grep exec /etc/*ly
> #/etc/daily: find . ! -name . -mtime +7 -exec rm -f -- {} \; ; }
> # ^^^^^^^^^^^
> #/etc/daily: find . ! -name . -mtime +7 -exec rm -f -- {} \; ; }
> # ^^^^^^^^^^^
> #/etc/daily:# -a -atime +3 -exec rm -f -- {} \;
> # ^^^^^^^^^^^
> #/etc/weekly:PATH=/bin:/sbin:/usr/sbin:/usr/bin:/usr/libexec
> #/etc/weekly:#find /usr/src -name '*.o' -atime +21 -print -a -exec rm -f {} \;
> # ^^^^^^^^^^^
> #/etc/weekly:echo /usr/libexec/locate.updatedb | nice -5 su -m nobody 2>&1 |\
>
> '-exec rm -f' is not a probleme because:
> only /var/tmp/etc (the symbolic link) will be removed
Read the LONG post very carefully. There is a potential race condition
by using a combination attack of LOTS of directories in /tmp with LOTS
of symbolic links. If you switch between a dir and link at the right time
it will be followed due to delays betweeen the find execution and the exec'ing
of rm -f.
>
> I think ,the real probleme is to use the flags `-r' because rm
> follow the symbolic link.
rm -r will not follow a symbolic link, any more than find will. You may
be able to spoof rm -r with the same type of attach, that I don't know.
--
Rod Grimes rgrimes@gndrsh.aac.dev.com
Accurate Automation Company Reliable computers for FreeBSD
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199605221521.IAA14176>