|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: overwrite any file with updatedb
Bryan Andregg (bandregg
REDHAT.COM)Mon, 2 Mar 1998 19:11:37 -0500
- Messages sorted by: [ date ][ thread ][ subject ][ author ]
- Next message: Cain: "updatedb stuff"
- Previous message: Andy Church: "Re: strcpy versus strncpy"
- In reply to: Cain: "overwrite any file with updatedb"
- Next in thread: Jeff Murphy: "Re: overwrite any file with updatedb"
On Sun, 1 Mar 1998 22:44:11 -0500, Cain wrote:
>If this is already known, my apologies. It seemed very strange that this
>worked, so I thought it would be mentionable.
>
>On many linux systems(Redhat imparticularly) updatedb is run nightly
>around 1:00. When it sorts the files that find gets, it creats a few files
>in /tmp called sort0<pid>000{1,2,etc}. Each is around 512k. The
>first file is created and filled, then if necassary, another is created
>and so on until it has your whole filesystem into a nice database. Well,
>once the first file is created you can easily guess what the next filename
>will be called as only the last character will change. If you create a
>link to say, the shadow password file, updatedb will kindly overwrite it
>for you. Ex:
It should be pointed out that on Red Hat 4.2 and 5.0 updatedb runs as user
nobody by default.
This is not a security issue unless you are running a distribution at least a
year old.
We will be checking for the proper use of temp files in the source also.
--
Bryan C. Andregg * <bandreggredhat.com> * Red Hat Software
"Donnie were much more 'user-friendly'. May be you selective
about friends:-)" -- Levente Farkas
"Hey, wait a minute, you clowns are on dope!"
-- Owen Cheese in 'Shakes the Clown'
- Next message: Cain: "updatedb stuff"
- Previous message: Andy Church: "Re: strcpy versus strncpy"
- In reply to: Cain: "overwrite any file with updatedb"
- Next in thread: Jeff Murphy: "Re: overwrite any file with updatedb"