Bugtraq mailing list archives
Re: [linux-security] Things NOT to put in root's crontab
From: wam () fedex com (William McVey)
Date: Wed, 22 May 1996 14:20:41 -0500
Dan Cross wrote:
I was under the impression that find(1) didn't follow symbolic links? Thus, one wouldn't ``find'' /etc/passwd if there was a link to /etc from somewhere in /tmp.
The exposure comes from a race condition between when find has decended into a real directory (expected behavior) and when the 'rm' is forked (expected behavior). If between these two tasks a real directory is replaced with a symlink (unexepected behavior) you are going to have problems. -- William
Current thread:
- Re: [linux-security] Things NOT to put in root's crontab Christopher D. McCann (May 22)
- <Possible follow-ups>
- Re: [linux-security] Things NOT to put in root's crontab William McVey (May 22)
- Re: [linux-security] Things NOT to put in root's crontab Philip Guenther (May 22)
- Re: [linux-security] Things NOT to put in root's crontab Sean Vickery (May 22)
- Re: [linux-security] Things NOT to put in root's crontab Philip Guenther (May 22)
- Re: [linux-security] Things NOT to put in root's crontab Colin Jenkins (May 23)
- Re: [linux-security] Things NOT to put in root's crontab Philip Guenther (May 23)
- Re: [linux-security] Things NOT to put in root's crontab Colin Jenkins (May 24)
- Re: [linux-security] Things NOT to put in root's crontab Aidas Kasparas (May 26)
- Re: [linux-security] Things NOT to put in root's crontab Philip Guenther (May 22)
- Re: [linux-security] Things NOT to put in root's crontab Zygo Blaxell (May 23)