Date: Sun, 21 Apr 2002 12:05:16 -0700 From: "Crist J. Clark" <cjc@FreeBSD.ORG> To: "Dan Mahoney, System Admin" <danm@prime.gushi.org> Cc: questions@FreeBSD.ORG Subject: Re: Locate revealing contents of root:wheel 700 directories Message-ID: <20020421120516.C80199@blossom.cjclark.org> In-Reply-To: <20020421131741.U39364-100000@prime.gushi.org>; from danm@prime.gushi.org on Sun, Apr 21, 2002 at 01:27:14PM -0400 References: <20020421131741.U39364-100000@prime.gushi.org>
next in thread | previous in thread | raw e-mail | index | archive | help
[-questions _or_ -security, not both. Redirected to -questions only.]
On Sun, Apr 21, 2002 at 01:27:14PM -0400, Dan Mahoney, System Admin wrote:
> Hi, I noticed that in freeBSD 4.5, locate shows the contents of all
> folders, even in my previously root:wheel 700 directory, /mnt/var/log.
>
> (It's my /var/log directory).
>
> I don't recall this being the case previously, and I thought for a moment
> that it was like the linux slocate, where the locate tool respects
> permissions (i.e. I wouldn't be able to see the contents of /var/log if I
> weren't root), but su -ling down to an unprivileged user has confirmed
> this.
>
> I should note that the crontab which calls locate checks for file
> ownership, but by default, shouldn't the locate utility?
The /etc/periodic/weekly/310.locate script hasn't changed for ages. It
shouldn't be mapping files in a 700 root:wheel directory.
You mention running it out of a crontab(5)? The periodic(8) weekly
scripts are run out of cron(8), so in a sense the locate build is run
too, but not directly. Are you running your own locate database build
somewhere? If you are running it as root, that would explain the
issue.
--
Crist J. Clark | cjclark@alum.mit.edu
| cjclark@jhu.edu
http://people.freebsd.org/~cjc/ | cjc@freebsd.org
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020421120516.C80199>