Bugtraq mailing list archives
locate
From: insanity () acidtrip alaska edu (Ian Otsane)
Date: Tue, 16 Jul 1996 22:54:10 -0800
There is a minor problem with the "locate" command that comes with linux (or perhaps other machines too). You can use it to look into other people's directorys (assuming that you keep the database up to date, and the database file is world readable, as is the default). Just type "locate /home/username" and you get a complete list of what they have. A possible modification to fix this would be to either make the locate database chmod 600 (which would deny everyone all access) or to make updatedb only record entries which are in world readable directories. Not a big problem, but it does give users access to something they should not have. Also, pppd comes suid root under slackware (and probably most other linux distributions). People can use this to set up a ppp connection using whatever ip address they want (as default there are no restrictions set). This would make rhosts file exploitable (among other problems). Most of these linux distributions come with way too many suid root files. I unsuided all but at, cron, chsh, newgrp, passwd, chfn, deliver, keyinit (for skey), sendmail, and su, and my system seems to run fine (of course I usually only use it logged on as root). Most of the daemons in /etc/inetd.conf don't need to be there either, especially for personal machines.
Current thread:
- Re: brute force Jacob Langseth (Jul 10)
- Re: brute force Buckaroo Banzai (Jul 16)
- Holly Wars Aleph One (Jul 16)
- [linux-security] sliplogin (fwd) Paul Danckaert (Jul 16)
- Re: [linux-security] sliplogin (fwd) Nate Williams (Jul 16)
- HP/UX 10.01 Remote Administration accoun Matt Barrie SYD (Jul 16)
- locate Ian Otsane (Jul 16)
- Re: locate Christian Limpach (Jul 17)
- FreeBSD Security Advisory 96:17 - rzsz FreeBSD Security Officer (Jul 17)
- FreeBSD Security Advisory 96:16 - rdist FreeBSD Security Officer (Jul 17)