On Wed, 1 Aug 2001, Jeremy C. Reed wrote: > This don't say whether the locate database is always owned by nobody or > just temporary. (I am not at a slackware box.) I am just curious, because > some operating systems first create the database as nobody and then > immediately change the ownership (via a weekly cron job for example). > > If it is just temporary, then I assume an exploit must be timed. > > But, if it always owned by nobody, then that is a problem. Nothing should > really be owned by "nobody" -- isn't that the purpose of the unprivileged > user? > > If files/directories should be owned by nobody, please share some > examples. This is on a 7.1 box. It doesn't have a full install on it so there may possibly be more. I'm not running a proxy either. My guess (just a guess!) is files used by the proxy may also owned by nobody. # find / -user nobody -ls 294913 1 drwxr-xr-x 2 nobody bin 1024 Aug 3 04:41 /var/spool/locate 294914 884 -rw-r--r-- 1 nobody nogroup 904693 Aug 3 04:41 /var/spool/locate/locatedb 155654 1 drwxr-xr-x 2 nobody nobody 1024 Mar 20 02:58 /var/cache/proxy dentonj
This archive was generated by hypermail 2b30 : Fri Aug 03 2001 - 08:07:31 PDT