[688] in linux-security and linux-alert archive
Re: [linux-security] locate & updatedb
daemon@ATHENA.MIT.EDU (owner-linux-security@tarsier.cv.nr)
Mon Apr 29 13:25:35 1996
From: owner-linux-security@tarsier.cv.nrao.edu
Date: Sat, 27 Apr 1996 05:27:33 -0400 (EDT)
To: linux-security@tarsier.cv.nrao.edu
In-Reply-To: <Pine.BSI.3.91.960425030831.18748B-100000@malasada.lava.net>
[mod: quoting trimmed. --okir]
On Thu, 25 Apr 1996, Jordy wrote:
> i've noticed this problem for quite a while. updatedb is standard in the
> crontab of root, so it can enter any directories root can enter. An easy
> fix is to simply run it as another user, or disable locate all together.
Taken from the updatedb man page:
--prunepaths='path1 path2...'
Directories to not put in the database, which would
otherwise be. Default is /tmp /usr/tmp /var/tmp
/afs.
So, an implementation of:
updatedb --prunepaths='/usr/admin /root' would be a good start.
"We had it tough ... I had to get up at 9 o'clock at night, half an
hour before I went to bed, eat a lump of dry poison, work 29 hours down
mill, and when we came home our Dad would kill us, and dance about on
our grave singing Haleleuia ..."
-- Monty Python
