Re: FALSE ALARM: Re: Another buggy root cron job

[bde () zeta org au (Bruce Evans)]

> My face is very red.
>
> > From /etc/weekly:
> echo /usr/libexec/locate.updatedb | nice -5 su -m nobody 2>&1 |\
>        fgrep -v 'Permission denied'
>
> It's run as nobody.

Indeed.

There's a similar potential hole in mkdep.  This hole is a bit larger
than the one for the race in mktemp().  No one runs `make depend' or
compiles things as root on public machines, right? ;-)

Bruce