[3870] in bugtraq
Re: Problem with default slackware crontabs
daemon@ATHENA.MIT.EDU (Andi Gutmans)
Wed Dec 25 11:46:36 1996
Date: Wed, 25 Dec 1996 13:24:19 +0200
Reply-To: Andi Gutmans <andi@vipe.technion.ac.il>
From: Andi Gutmans <andi@vipe.technion.ac.il>
X-To: jon@betterthan.northstar.k12.ak.us
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@netspace.org>
Hey,
On my redhat system this isn't the case.
The temp file of db is in /var/lib which is only writeable by root.
Andi
At 14:34 24/12/96 -0900, Jon Snyder wrote:
>Using Slackware 3.0, I noticed a problem with the default root crontab. It
>runs updatedb at 7:40 a.m. every day, but unfortunately updatedb has a
>temporary file security problem--it doesn't check for symlinks (or if the
>file exists, for that matter). updatedb will write to /var/tmp (or
>/usr/tmp), and although the filename includes the PID of the shell the
>script is running under, a vulnerability still exists. I've taken updatedb
>out of my crontab, because locate is never used on my system. However, it
>might be wise to modify the script so as to prevent exploits from
>compromising your systems.
>
>
>Jon Snyder
>Student Network Technician, FNSBSD
>(907) 452-2000 x. 376
>
>
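The temporary-file problem discussed in this thread, shown from the fixing side as an added example (not part of either post and not the Slackware or Red Hat updatedb script): scratch files go in a private `mktemp -d` directory and are created with noclobber, so a pre-planted file or symlink is refused rather than followed. The function names and the commented "risky" line are constructed for illustration.

```shell
#!/bin/sh
# Illustrative helpers (hypothetical names), not taken from any updatedb script.

# Risky pattern described in the thread (constructed illustration): a
# predictable name in a shared directory, opened with plain '>', which
# follows symlinks and truncates whatever they point to.
#   tmp=/var/tmp/NAME.$$ ; find / -print > "$tmp"

# safe_create PATH: create PATH only if nothing is there yet.
# With noclobber (set -C) the shell refuses an existing file and creates a
# new one with O_EXCL, so a symlink, even a dangling one, is not followed.
safe_create() {
    ( set -C; umask 077; : > "$1" ) 2>/dev/null
}

# private_workdir: make an unpredictable, mode-0700 directory with mktemp(1)
# and print its path; other users cannot pre-plant files inside it.
private_workdir() {
    mktemp -d "${TMPDIR:-/tmp}/updatedb.XXXXXXXXXX"
}

# build_list ROOT OUT: stage a sorted file list in the private directory,
# then rename it into place. OUT should live in a root-only directory
# (the reply above mentions /var/lib on Red Hat).
build_list() {
    root=$1 out=$2
    work=$(private_workdir) || return 1
    if safe_create "$work/list" && find "$root" -print | sort > "$work/list"
    then
        mv -f "$work/list" "$out"; rc=$?
    else
        rc=1
    fi
    rm -rf "$work"
    return $rc
}
```
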