[699] in linux-security and linux-alert archive
Re: [linux-security] locate & updatedb
daemon@ATHENA.MIT.EDU (Marc Ewing)
Sat May 4 12:30:59 1996
To: John Gilmore <gnu@toad.com>
cc: linux-security@tarsier.cv.nrao.edu
In-reply-to: <199605030613.XAA04003@toad.com> from John Gilmore
<gnu@toad.com> on Thu, 02 May 1996 23:13:41 PDT.
Date: Fri, 03 May 1996 11:12:12 -0400
From: Marc Ewing <marc@redhat.com>
[Mod: Quoting trimmed slightly. --Jeff.]
John Gilmore <gnu@toad.com> writes:
> I think a more durable solution would be to add a call to access() in
> the locate command. Before returning any file name on stdout, locate
> would check that it is accessible to the user who's running locate.
>
> This not only allows a full root `find' in updatedb, but also has the
> nice side effect of eliminating files from locate's output if they have
> been deleted or made inaccessible since updatedb was run by cron.
That is a nice side-effect, but I think it doesn't really solve the
problem -- the info is still in the database for all to read.
-Marc
