Re: overwrite any file with updatedb
On Tue, Mar 03, 1998 at 10:15:12AM -0500, Bryan Andregg wrote:
> On Tue, 3 Mar 1998 10:39:05 +0100 (CET), Remco Blaakmeer wrote:
> >I don't have a Red Hat system at hands to test this, so let me tell you
> >what it's like on a Debian pre-2.0 system, which I am currently using.
> >
> >On my system, this bug is present.
> >
> >Daily, cron runs "run-parts /etc/cron.daily" as root. In this directory is
> >a file named "find" with these contents:
> >
>
> And as has been pointed out this is "A Bad Thing"(tm) however on a Red Hat
> system >= 4.2 this runs as nobody so it isn't an immediate issue.
This needs to be corrected. /etc/cron.daily/find runs as root. That's
correct, but if yo u look into it, you'll find
su nobody -c "updatedb"
So on Debian systems it runs as 'nobody', too.
Regards,
Joey
--
/ Martin Schulze * joey@infodrom.north.de * 26129 Oldenburg /
/ If you come from outside of Finland, you live in wrong country /
/ Featuring Debian GNU/Linux motd von irc.funet.fi /
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-request@lists.debian.org .
Trouble? e-mail to templin@bucknell.edu .
Reply to: