[2598] in bugtraq
Re: [linux-security] Things NOT to put in root's crontab
daemon@ATHENA.MIT.EDU (Zygo Blaxell)
Thu May 23 21:16:52 1996
Date: Thu, 23 May 1996 17:54:25 -0400
Reply-To: Bugtraq List <BUGTRAQ@NETSPACE.ORG>
From: Zygo Blaxell <zblaxell@myrus.com>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@NETSPACE.ORG>
In-Reply-To: <199605221724.NAA03201@hausdorff.math.psu.edu> from "Dan Cross"
at May 22, 96 01:24:16 pm
Quoted from Dan Cross:
> I was under the impression that find(1) didn't follow symbolic links?
> Thus, one wouldn't ``find'' /etc/passwd if there was a link to /etc
> from somewhere in /tmp.
The problem is that things that 'find' *in the past* determined were
directories can be *changed* into symlinks while it is running. 'find'
does not check that filenames that used to be directories have not been
replaced with something else.
Try it. Do this:
mkdir -p /tmp/test-1/directory/
date > /tmp/test-1/directory/file
ln -s file /tmp/test-1/directory/symlink
ln -s test-1 /tmp/test-2
Question: Does
find /tmp/test-2/directory ! -type l -ls
follow symlinks?
Answer: yes - the symlink in the parameter given to 'find'. The '!
-type l' prevents any *new* symlinks from being followed (so
'/tmp/test-2/directory/symlink' doesn't show up), but 'find' doesn't check
for symlinks in directories it has already decided to descend into.
> Please don't tell me that Linux (or, more precisely, GNU) broke this. :-)
The problem is not so much Linux as Unix. They botched things when they
added symbolic links to an unsuspecting operating system.
--
Zygo Blaxell. Former Unix/soft/hardware guru, U of Waterloo Computer Science
Club. Current sysadmin for Myrus Design, Inc. 10th place, ACM Intl Collegiate
Programming Contest Finals, 1994. Administer Linux nets for food, clothing,
and anime. "I gave up $1000 to avoid working on windoze... *sigh*" - Amy Fong
