Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: Josh Smith (joshviper.falcon-networks.com)
Date: Wed Aug 01 2001 - 15:04:17 CDT
In slackware, it is constantly owned by nobody. However, even if
it is only owned for nobody for a certain period of time, it just creates
a race condition and is still "a problem."
> This don't say whether the locate database is always owned by nobody or
> just temporary. (I am not at a slackware box.) I am just curious, because
> some operating systems first create the database as nobody and then
> immediately change the ownership (via a weekly cron job for example).
> If it is just temporary, then I assume an exploit must be timed.
> But, if it always owned by nobody, then that is a problem. Nothing should
> really be owned by "nobody" -- isn't that the purpose of the unprivileged