From owner-freebsd-isp  Tue Jun 18 17:27:06 1996
Return-Path: owner-isp
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id RAA12594
          for isp-outgoing; Tue, 18 Jun 1996 17:27:06 -0700 (PDT)
Received: from bitbucket.edmweb.com (bitbucket.edmweb.com [204.244.190.9])
          by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id RAA12588
          for <freebsd-isp@freebsd.org>; Tue, 18 Jun 1996 17:27:02 -0700 (PDT)
Received: (from root@localhost) by bitbucket.edmweb.com (8.6.12/8.6.12) id RAA00260; Tue, 18 Jun 1996 17:26:52 -0700
Date: Tue, 18 Jun 1996 17:26:46 -0700 (PDT)
From: Steve Reid <root@edmweb.com>
To: freebsd-isp@freebsd.org
cc: Rick Gray <rickg@nwpros.com>
Subject: Re: /etc/daily
In-Reply-To: <31C6F559.3621A66B@fa.tdktca.com>
Message-ID: <Pine.BSF.3.91.960618171644.176C-100000@bitbucket.edmweb.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

> > I've been getting this error message of not having the cleaning of / in
> > /etc/daily enabled. How do you enable it? I've looked at /etc/daily and
> > still confused.
> 
> You can enable it by uncommenting (removing the pound signs from) the 4 
> lines of code following the warning message.  Thus it would look like this:
> 
>   # This is a security hole, never use 'find' on a public directory
>   # with -exec rm -f as root.  This can be exploited to delete any file
>   # on the system.

There was some discussion of this on the Bugtraq mailing list. A perl 
script that could be safely used in place of rm was posted. Bugtraq 
archives are available at several places, including:
  http://www.eecs.nwu.edu/~jmyers/bugtraq/archives.html
The thread is "[linux-security] Things NOT to put in root's crontab"

To cut right to the chase, the post with the script is at:
  http://www.eecs.nwu.edu/~jmyers/bugtraq/0666.html


=====================================================================
| Steve Reid - SysAdmin & Pres, EDM Web (http://www.edmweb.com/)    |
| Email: steve@edmweb.com   Home Page: http://www.edmweb.com/steve/ |
| PGP (2048/9F317269) Fingerprint: 11C89D1CD67287E68C09EC52443F8830 |
|          -- Disclaimer: JMHO, YMMV, TANSTAAFL, IANAL. --          |
===================================================================:)