Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 22 May 1996 11:24:56 +0100
From:      Luc Beurton <beurton@fnet.fr>
To:        "Rodney W. Grimes" <rgrimes@GndRsh.aac.dev.com>
Cc:        freebsd-security@freebsd.org
Subject:   Re: [linux-security] Things NOT to put in root's crontab (fwd) 
Message-ID:  <199605221024.LAA00905@nil.fnet.fr>
In-Reply-To: Your message of "Tue, 21 May 1996 23:53:40 METDST." <199605220653.XAA13950@GndRsh.aac.dev.com>
next in thread | previous in thread | raw e-mail | index | archive | help 

#> 
#> On Tue, 21 May 1996, Tom Samplonius wrote:
#> 
#> > 
#> > On Tue, 21 May 1996, Chris J. Layne wrote:
#> > 
#> > > I think this applies to our cleanup of /tmp in /etc/rc
#> > 
#> >   I think it doesn't.
#> > 
#> >   Our rm removes links, not files pointed to by links.  So:
#> > 
#> > cd /tmp
#> > ln -s /etc/passwd thing
#> > rm thing
#> > 
#> > will remove the link, not /etc/passwd.
#> 
#>   I don't know what I was thinking when I wrote that:
#> 
#> cd /tmp
#> ln -s /etc b
#> rm b/passwd
#> 
#> will remove /etc/passwd.
#> 
#>   However, I don't believe that this method can exploited with 
#> the standard /etc/rc because we use "rm -rf".  I don't find should be 
#> doing a depth-first traversal in this case.
#
#/etc/rc is not the problem, /etc/*ly is:
#SkyRsh# grep exec /etc/*ly
#/etc/daily:     find . ! -name . -mtime +7 -exec rm -f -- {} \; ; }
#                                           ^^^^^^^^^^^
#/etc/daily:     find . ! -name . -mtime +7 -exec rm -f -- {} \; ; }
#                                           ^^^^^^^^^^^
#/etc/daily:#            -a -atime +3 -exec rm -f -- {} \;
#                                     ^^^^^^^^^^^
#/etc/weekly:PATH=/bin:/sbin:/usr/sbin:/usr/bin:/usr/libexec
#/etc/weekly:#find /usr/src -name '*.o' -atime +21 -print -a -exec rm -f {} \;
#                                                             ^^^^^^^^^^^
#/etc/weekly:echo /usr/libexec/locate.updatedb | nice -5 su -m nobody 2>&1 |\

'-exec rm -f' is not a probleme because:
only /var/tmp/etc (the symbolic link) will be removed

I think ,the real probleme is to use the flags `-r' because rm follow the symbolic link.

Luc.

#> 
#>   I'll get sleep before I comment more.
#> 
#> Tom
#> 
#
#
#-- 
#Rod Grimes                                      rgrimes@gndrsh.aac.dev.com
#Accurate Automation Company                 Reliable computers for FreeBSD

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199605221024.LAA00905>