Re: /etc/crontab.daily and the security hole in find | xargs

To: debian-user@lists.debian.org
Subject: Re: /etc/crontab.daily and the security hole in find | xargs
From: Carey Evans <c.evans@clear.net.nz>
Date: 09 Aug 1997 17:56:32 +1200
Message-id: <[🔎] 87iuxf7vcf.fsf@psyche.evansnet>
In-reply-to: "Scott K. Ellis"'s message of Thu, 7 Aug 1997 14:32:21 -0400 (EDT)
References: <[🔎] Pine.LNX.3.96.970807142746.1156A-100000@olorin.dyn.ml.org>

"Scott K. Ellis" <storm@gate.net> writes:

[snip]

> The only solution is to come up with a program that
> never follows syslinks, and checks that the i-node of the file it is
> removing remains the same.

Actually, i-nodes can be recycled, so it isn't a good idea to depend
on that:

% cd /tmp
% touch foo
% ls -li foo
     14 -rw-rw-r--   1 carey    carey           0 Aug  9 17:47 foo
% rm foo
% touch foo
% ls -li foo
     14 -rw-rw-r--   1 carey    carey           0 Aug  9 17:48 foo

If a program will be creating a file (like /tmp/.X0-lock) but
another creates and deletes a file in the same file system just before
this, it will probably have the same i-node.

-- 
		Carey Evans  <*>  c.evans@clear.net.nz

"[UNIX] appears to have the inside track on being the replacement for
  CP/M on the largest microcomputers (e.g. those based on 68000...)"

--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-user-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .

Reply to:

Follow-Ups:
- Re: /etc/crontab.daily and the security hole in find | xargs
  - From: Nils Rennebarth <nils@nus.de>

References:
- Re: /etc/crontab.daily and the security hole in find | xargs
  - From: "Scott K. Ellis" <storm@gate.net>

Prev by Date: A installation report...
Next by Date: Re: Driver installation problems
Previous by thread: Re: /etc/crontab.daily and the security hole in find | xargs
Next by thread: Re: /etc/crontab.daily and the security hole in find | xargs
Index(es):
- Date
- Thread