[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: crontab security question

Bill Mitchell wrote:
> Just a random thought regarding e.g.:
>   find /tmp -mtime +1 -print | xargs rm -f
> It seems that the vulnerability window would be a lot smaller with
> something like:
>   find /tmp -mtime +1 -exec rm -f {} \;

According to the stuff on the filereaper page the second form
is also vulnerable to the same style attack, but may take a *few*
more tries.


Steve Greenland

The Mole - I think, therefore I scream 

			    "Hello again, Peabody here..."
[The opening lines to almost every episode of PEABODY & SHERMAN]

Reply to: