[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: 'locate' does not check permissions



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

>>>>> "Pedro" == Pedro Zorzenon Neto <pzn@terra.com.br> writes:

Pedro> Hi list, I created a directory /home/pzn/private/ and chmod it
Pedro> go-rwx to put my private things.  Then nobody can see the
Pedro> contents and files of this directory, right? I've believed it was
Pedro> true, but other user can do:

Pedro>    $ ls -l ~pzn/
Pedro>      ...
Pedro>      drwx--S---   20 pzn      pzn          4096 Mai 16 09:54 private
Pedro>      ...
Pedro>    $ locate private | grep "/home/pzn/private"
Pedro>      the whole contents of my private dir suddenly appears here...

Pedro>    Why doesn't locate/updatedb saves the permissions?

Install the slocate package.  It behaves properly.

Then delete your old locate database (/var/lib/locate/locatedb), so that
people can't use the old locate.

slocate will automatically make a symlink from locate to its own binary,
so you can still use the "locate" command.

- -- 
Hubert Chan <hackerhue@geek.com>
PGP/GnuPG key: 1024D/71FDA37F
Fingerprint: 6CC5 822D 2E55 494C 81DD  6F2C 6518 54DF 71FD A37F
Key available at wwwkeys.pgp.net.
Please encrypt *all* e-mail to me.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: Processed by Mailcrypt 3.5.6 and Gnu Privacy Guard <http://www.gnupg.org/>

iD8DBQE7IAyIZRhU33H9o38RArfoAJ9o/wXmbf+40nVBErUtgx0Xt96HPQCghhGF
kxxb6W2IA/iWpKlZOvcVcF8=
=ooIg
-----END PGP SIGNATURE-----



Reply to: