From owner-freebsd-isp Wed Jun 19 08:41:25 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id IAA20956 for isp-outgoing; Wed, 19 Jun 1996 08:41:25 -0700 (PDT) Received: from shogun.tdktca.com ([206.26.1.21]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id IAA20947 for ; Wed, 19 Jun 1996 08:41:22 -0700 (PDT) Received: from shogun.tdktca.com (daemon@localhost) by shogun.tdktca.com (8.7.2/8.7.2) with ESMTP id KAA27785 for ; Wed, 19 Jun 1996 10:42:45 -0500 (CDT) Received: from orion.fa.tdktca.com ([163.49.131.130]) by shogun.tdktca.com (8.7.2/8.7.2) with SMTP id KAA27778 for ; Wed, 19 Jun 1996 10:42:45 -0500 (CDT) Received: from orion (alex@localhost [127.0.0.1]) by orion.fa.tdktca.com (8.6.12/8.6.9) with SMTP id KAA10152; Wed, 19 Jun 1996 10:44:31 -0500 Message-ID: <31C8205F.32315B31@fa.tdktca.com> Date: Wed, 19 Jun 1996 10:44:31 -0500 From: Alex Nash Organization: TDK Factory Automation X-Mailer: Mozilla 2.0 (X11; I; Linux 1.2.13 i586) MIME-Version: 1.0 To: John-Mark Gurney CC: freebsd-isp@freebsd.org Subject: Re: /etc/daily References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk John-Mark Gurney wrote: > > On Tue, 18 Jun 1996, Alex Nash wrote: > > > # This is a security hole, never use 'find' on a public directory > > # with -exec rm -f as root. This can be exploited to delete any file > > # on the system. > > > > You may wish to search the archives for a further description of this > > security hole. > > I have a quick comment about this... can't you specify /bin/rm instead > of just rm? wouldn't that help fix the security bug? or is that related > to the use of special file names? This is not a path problem, but a race condition that can be exploited by using symbolic links. This is due to the delays between the directory being located by 'find' and the execution of 'rm.' Alex