Date: Tue, 18 Jun 1996 17:26:46 -0700 (PDT) From: Steve Reid <root@edmweb.com> To: freebsd-isp@freebsd.org Cc: Rick Gray <rickg@nwpros.com> Subject: Re: /etc/daily Message-ID: <Pine.BSF.3.91.960618171644.176C-100000@bitbucket.edmweb.com> In-Reply-To: <31C6F559.3621A66B@fa.tdktca.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> > I've been getting this error message of not having the cleaning of / in > > /etc/daily enabled. How do you enable it? I've looked at /etc/daily and > > still confused. > > You can enable it by uncommenting (removing the pound signs from) the 4 > lines of code following the warning message. Thus it would look like this: > > # This is a security hole, never use 'find' on a public directory > # with -exec rm -f as root. This can be exploited to delete any file > # on the system. There was some discussion of this on the Bugtraq mailing list. A perl script that could be safely used in place of rm was posted. Bugtraq archives are available at several places, including: http://www.eecs.nwu.edu/~jmyers/bugtraq/archives.html The thread is "[linux-security] Things NOT to put in root's crontab" To cut right to the chase, the post with the script is at: http://www.eecs.nwu.edu/~jmyers/bugtraq/0666.html ===================================================================== | Steve Reid - SysAdmin & Pres, EDM Web (http://www.edmweb.com/) | | Email: steve@edmweb.com Home Page: http://www.edmweb.com/steve/ | | PGP (2048/9F317269) Fingerprint: 11C89D1CD67287E68C09EC52443F8830 | | -- Disclaimer: JMHO, YMMV, TANSTAAFL, IANAL. -- | ===================================================================:)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.91.960618171644.176C-100000>