[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: overwrite any file with updatedb

[Cc:ing to Bugtraq - this is important if you trust running as nobody too much]
> > And as has been pointed out this is "A Bad Thing"(tm) however on a Red Hat 
> > system >= 4.2 this runs as nobody so it isn't an immediate issue.
> This needs to be corrected.  /etc/cron.daily/find runs as root.  That's
> correct, but if yo u look into it, you'll find
> 	su nobody -c "updatedb"
> So on Debian systems it runs as 'nobody', too.

	And if you look further, at updatedb, you'll see this:

# FIXME figure out how to sort null-terminated strings, and use -print0.
if test -n "$SEARCHPATHS"; then
  if [ "$LOCALUSER" != "" ]; then
    su $LOCALUSER -c \
    "$find $SEARCHPATHS \
} | sort -f | $frcode > $LOCATE_DB.n

	So, while find may be run as nobody, sort and frcode definitely are not.
	And as the comment says there may be something else lurking there.
	I vote for coding this in perl.
tv@havoc.fi / Havoc Consulting

TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .

Reply to: