[3862] in bugtraq


Problem with default slackware crontabs

daemon@ATHENA.MIT.EDU (Jon Snyder)
Tue Dec 24 21:21:16 1996

Date: 	Tue, 24 Dec 1996 14:34:51 -0900
Reply-To: jon@betterthan.northstar.k12.ak.us
From: Jon Snyder <jon@betterthan.northstar.k12.ak.us>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@NETSPACE.ORG>

Using Slackware 3.0, I noticed a problem with the default root crontab.  It
runs updatedb at 7:40 a.m. every day, but unfortunately updatedb has a
temporary file security problem--it doesn't check for symlinks (or if the
file exists, for that matter).  updatedb will write to /var/tmp (or
/usr/tmp), and although the filename includes the PID of the shell the
script is running under, a vulnerability still exists.  I've taken updatedb
out of my crontab, because locate is never used on my system.  However, it
might be wise to modify the script so as to prevent exploits from
compromising your systems.


Jon Snyder
Student Network Technician, FNSBSD
(907) 452-2000 x. 376
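
The kind of script modification the post recommends, as an added example that is not part of the original message and not Slackware's updatedb script: scratch files go into a private directory with an unpredictable name, and a write is refused when something already sits at the target path. It assumes mktemp(1) is available; the function and file names are hypothetical, and the symlink in demo() is constructed inside a scratch directory.

```shell
#!/bin/sh
# Added illustration; function and file names are hypothetical.

# Create a private scratch directory with an unpredictable name (mode 0700).
# Files made inside it cannot be pre-created or symlinked by other users.
make_private_tmpdir() {
    mktemp -d "${TMPDIR:-/tmp}/updatedb.XXXXXXXXXX"
}

# Write stdin to $1 only if nothing exists at that path yet.
# The explicit test gives a clear early refusal; noclobber (set -C) then
# makes ">" fail rather than follow a link that appears after the test.
write_new_file() {
    target=$1
    if [ -e "$target" ] || [ -L "$target" ]; then
        return 1
    fi
    ( set -C; cat > "$target" ) 2>/dev/null
}

# Constructed demonstration: a symlink already exists at a predictable,
# PID-based name, which is the situation the post describes.
demo() {
    work=$(make_private_tmpdir) || return 2
    victim="$work/victim"
    echo "important" > "$victim"
    predictable="$work/updatedb.$$"
    ln -s "$victim" "$predictable"

    if echo "index data" | write_new_file "$predictable"; then
        result="overwritten"
    else
        result="refused"
    fi
    content=$(cat "$victim")
    rm -rf "$work"
    echo "$result:$content"
}
```

Calling demo prints refused:important, showing that the file behind the symlink was left untouched.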
