Re: overwrite any file with updatedb
[Cc:ing to Bugtraq - this is important if you trust running as nobody too much]
> > And as has been pointed out this is "A Bad Thing"(tm) however on a Red Hat
> > system >= 4.2 this runs as nobody so it isn't an immediate issue.
> This needs to be corrected. /etc/cron.daily/find runs as root. That's
> correct, but if yo u look into it, you'll find
> su nobody -c "updatedb"
> So on Debian systems it runs as 'nobody', too.
And if you look further, at updatedb, you'll see this:
# FIXME figure out how to sort null-terminated strings, and use -print0.
if test -n "$SEARCHPATHS"; then
if [ "$LOCALUSER" != "" ]; then
su $LOCALUSER -c \
"$find $SEARCHPATHS \
} | sort -f | $frcode > $LOCATE_DB.n
So, while find may be run as nobody, sort and frcode definitely are not.
And as the comment says there may be something else lurking there.
I vote for coding this in perl.
email@example.com / Havoc Consulting
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
Trouble? e-mail to firstname.lastname@example.org .