Date: Sun, 21 Apr 2002 12:05:16 -0700
From: "Crist J. Clark"
To: "Dan Mahoney, System Admin"
Cc: questions@FreeBSD.ORG
Subject: Re: Locate revealing contents of root:wheel 700 directories

[-questions _or_ -security, not both. Redirected to -questions only.]

On Sun, Apr 21, 2002 at 01:27:14PM -0400, Dan Mahoney, System Admin wrote:
> Hi, I noticed that in freeBSD 4.5, locate shows the contents of all
> folders, even in my previously root:wheel 700 directory, /mnt/var/log.
>
> (It's my /var/log directory).
>
> I don't recall this being the case previously, and I thought for a moment
> that it was like the linux slocate, where the locate tool respects
> permissions (i.e. I wouldn't be able to see the contents of /var/log if I
> weren't root), but su -ling down to an unprivileged user has confirmed
> this.
>
> I should note that the crontab which calls locate checks for file
> ownership, but by default, shouldn't the locate utility?

The /etc/periodic/weekly/310.locate script hasn't changed for ages. It
shouldn't be mapping files in a 700 root:wheel directory.

You mention running it out of a crontab(5)? The periodic(8) weekly
scripts are run out of cron(8), so in a sense the locate build is run
too, but not directly. Are you running your own locate database build
somewhere? If you are running it as root, that would explain the
issue.
-- 
Crist J. Clark                     |     cjclark@alum.mit.edu
                                   |     cjclark@jhu.edu
http://people.freebsd.org/~cjc/    |     cjc@freebsd.org
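
One way to check a locate database for the leak discussed in this thread, as an added example that is not part of the original message: it reads database entries and reports any that sit beneath a directory users outside the owner and group cannot list, which is what a build run as root would produce. The function names and the sample tree are constructed for illustration, and the check assumes plain mode bits only (no ACLs or file flags).

```python
import os
import stat
import sys
import tempfile

NEED = stat.S_IROTH | stat.S_IXOTH  # "other" must read (list) and search (descend)


def blocking_dir(path, base="/", cache=None):
    """Topmost directory from base down to path's parent that "other" cannot
    list, or None. Assumption: only mode bits are checked, not ACLs or flags."""
    cache = {} if cache is None else cache
    base = os.path.abspath(base)
    dirs, d = [], os.path.dirname(os.path.abspath(path))
    while True:
        dirs.append(d)
        if d == base or d == os.path.dirname(d):
            break
        d = os.path.dirname(d)
    for d in reversed(dirs):  # walk top-down so the outermost block is reported
        if d not in cache:
            try:
                cache[d] = (os.stat(d).st_mode & NEED) != NEED
            except OSError:
                cache[d] = False  # vanished since the build: nothing to judge
        if cache[d]:
            return d
    return None


def audit(paths, base="/"):
    """Group database entries by the restricted directory that should hide them."""
    cache, leaks = {}, {}
    for p in (line.rstrip("\n") for line in paths):
        d = blocking_dir(p, base, cache) if p else None
        if d:
            leaks.setdefault(d, []).append(p)
    return leaks


def build_sample_tree():
    """Constructed sample: one open directory and one mode-700 log directory."""
    base = tempfile.mkdtemp()
    os.chmod(base, 0o755)  # mkdtemp creates 0700; open it so only "log" blocks
    entries = []
    for sub, mode, name in (("pub", 0o755, "README"), ("log", 0o700, "messages")):
        os.mkdir(os.path.join(base, sub))
        entries.append(os.path.join(base, sub, name))
        open(entries[-1], "w").close()
        os.chmod(os.path.join(base, sub), mode)
    return base, entries + [os.path.join(base, "log")]


if __name__ == "__main__":  # feed it the database listing on stdin
    for d, names in audit(sys.stdin).items():
        print(f"{d}: {len(names)} entries visible through locate")
```

The name of a mode-700 directory itself is not reported, since it is visible from its parent's listing; only entries beneath it count as leaked.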