Date: Wed, 19 Jun 1996 10:44:31 -0500 From: Alex Nash <alex@fa.tdktca.com> To: John-Mark Gurney <gurney_j@resnet.uoregon.edu> Cc: freebsd-isp@freebsd.org Subject: Re: /etc/daily Message-ID: <31C8205F.32315B31@fa.tdktca.com> References: <Pine.BSF.3.91.960619004858.606C-100000@nike.efn.org>
next in thread | previous in thread | raw e-mail | index | archive | help
John-Mark Gurney wrote: > > On Tue, 18 Jun 1996, Alex Nash wrote: > > > # This is a security hole, never use 'find' on a public directory > > # with -exec rm -f as root. This can be exploited to delete any file > > # on the system. > > > > You may wish to search the archives for a further description of this > > security hole. > > I have a quick comment about this... can't you specify /bin/rm instead > of just rm? wouldn't that help fix the security bug? or is that related > to the use of special file names? This is not a path problem, but a race condition that can be exploited by using symbolic links. This is due to the delays between the directory being located by 'find' and the execution of 'rm.' Alex
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?31C8205F.32315B31>