Re: [linux-security] Things NOT to put in root's crontab

[zblaxell () myrus com (Zygo Blaxell)]

Quoted from Dan Cross:
> I was under the impression that find(1) didn't follow symbolic links?
> Thus, one wouldn't ``find'' /etc/passwd if there was a link to /etc
> from somewhere in /tmp.

The problem is that things that 'find' *in the past* determined were
directories can be *changed* into symlinks while it is running.  'find'
does not check that filenames that used to be directories have not been
replaced with something else.

Try it.  Do this:

        mkdir -p /tmp/test-1/directory/
        date > /tmp/test-1/directory/file
        ln -s file /tmp/test-1/directory/symlink
        ln -s test-1 /tmp/test-2

Question:  Does

        find /tmp/test-2/directory ! -type l -ls

follow symlinks?

Answer:  yes - the symlink in the parameter given to 'find'.  The '!
-type l' prevents any *new* symlinks from being followed (so
'/tmp/test-2/directory/symlink' doesn't show up), but 'find' doesn't check
for symlinks in directories it has already decided to descend into.

> Please don't tell me that Linux (or, more precisely, GNU) broke this.  :-)

The problem is not so much Linux as Unix.  They botched things when they
added symbolic links to an unsuspecting operating system.

--
Zygo Blaxell.  Former Unix/soft/hardware guru, U of Waterloo Computer Science
Club.  Current sysadmin for Myrus Design, Inc.  10th place, ACM Intl Collegiate
Programming Contest Finals, 1994.  Administer Linux nets for food, clothing,
and anime.  "I gave up $1000 to avoid working on windoze... *sigh*" - Amy Fong