updatedb?

Polytropon freebsd at edvax.de
Tue Dec 18 21:53:29 UTC 2012


On Tue, 18 Dec 2012 21:32:50 +0000, RW wrote:
> On Tue, 18 Dec 2012 21:01:33 +0000 (UTC)
> Walter Hurry wrote:
> 
> > $ sudo /usr/libexec/locate.updatedb
> > >>> WARNING
> > >>> Executing updatedb as root.  This WILL reveal all filenames
> > >>> on your machine to all login users, which is a security risk.
> > $
> > 
> > Why is it a "security risk"? Security through obscurity? Really? In
> > this day and age?
> > 
> > Or am I missing something?
> 
> If permissions have been set to prevent other users reading filenames
> then obviously leaking file names is a security issue.

There are no "leaking file names", as by command, the tool does
what it is requested to: to not obey the restrictions that apply
in its _normal_ use and list _all_ file names instead.

See /etc/periodic/weekly/310.locate for example: The default call
of locate.updatedb is this:

echo /usr/libexec/locate.updatedb | nice -n 5 su -fm nobody || rc=3

The program (script) will additionally honor settings in the
/etc/locate.rc file.

So if the questioned use of "sudo /usr/libexec/locate.updatedb" to
run it as root (with _all_ permissions!) leads to the intended
behaviour, i.e. list _all_ files on the system, that isn't
actually a leak, I'd say. (Terminology: A leak would appear if
you'd run locate.updatedb with the "nobody" user, and still
file names from inside an o-rwx directory would appear!)

I really like the analogy provided by Devin Teske in his reply:

	When you run updatedb as root, it traverses all
	directories even those that you may have posted
	a big "keep out" sign on (aforementioned "chmod").
	Then every non-privileged user on the system can
	list the contents of your secret hideout with the
	"keep out" sign posted on it. You might as well have
	built that house out of glass (they can't read the
	contents of the books on your bookshelf, but they
	can see the covers and know what you've got stocked
	on the shelves).

Again: If that's intended, locate.updatedb will act as instructed.
Oh behold the unlimited power of root. :-)
-- 
Polytropon
Magdeburg, Germany
Happy FreeBSD user since 4.0
Andra moi ennepe, Mousa, ...
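
The distinction drawn in this thread (an updatedb run as root records names below "keep out" directories that the nobody user could never have listed) can be checked mechanically. The following POSIX sh script is an added example, not code from the post or from FreeBSD's locate.updatedb: it builds a constructed directory tree with one chmod 700 subdirectory, generates the path list a root-run updatedb would produce (find run by the tree's owner sees exactly what root would see), and then reports every path that lies below a directory which denies "other" users read (listing) or execute (traversal). The function names, the tree layout and the file names are all invented for the demonstration; such paths are the ones that should never show up in a world-readable locate database.

```shell
#!/bin/sh
# Added example (not from the mailing-list post or the locate.updatedb script).
# Finds entries in a path list that an unprivileged user could not have
# enumerated by walking the filesystem, i.e. the "leak" a root-run updatedb
# would expose through a world-readable locate database.

# Returns 0 if directory $1 lets "other" users both list (r) and traverse (x) it.
# Parsing the mode string of ls -ld keeps this portable between BSD and GNU
# userland, where stat(1) takes different options. Characters 8-10 are the
# "other" triplet; the x slot may show 't' on sticky directories such as /tmp.
dir_open_to_others() {
    other=$(ls -ld "$1" | cut -c8-10)
    case "$other" in
        r?[xt]) return 0 ;;
        *)      return 1 ;;
    esac
}

# Prints each path listed in file $1 that sits below a directory closed to
# "other" users. Ancestors are examined only below base directory $2, so the
# permissions of /tmp, $HOME and the like do not influence the result.
hidden_paths() {
    while IFS= read -r p; do
        d=$(dirname "$p")
        hidden=0
        while [ "$d" != "$2" ] && [ "$d" != "/" ] && [ "$d" != "." ]; do
            if ! dir_open_to_others "$d"; then
                hidden=1
                break
            fi
            d=$(dirname "$d")
        done
        if [ "$hidden" -eq 1 ]; then
            printf '%s\n' "$p"
        fi
    done < "$1"
}

# Builds a constructed demo tree in a temporary directory and prints its path.
# "private" gets the "keep out" sign from the post (mode 700); everything else
# is world-listable.
make_demo_tree() {
    root=$(mktemp -d)
    chmod 755 "$root"
    mkdir -p "$root/public" "$root/private/notes"
    : > "$root/public/readme.txt"
    : > "$root/private/notes/secret-plan.txt"
    chmod 755 "$root/public" "$root/private/notes"
    chmod 700 "$root/private"
    printf '%s\n' "$root"
}

# End-to-end run: the owner's find sees the same names root's updatedb would,
# and hidden_paths reports the one entry that should not become world-readable.
demo() {
    root=$(make_demo_tree)
    list=$(mktemp)
    find "$root" -type f | sort > "$list"
    echo "Paths a root-run updatedb would record:"
    cat "$list"
    echo "Of these, hidden from unprivileged users by directory permissions:"
    hidden_paths "$list" "$root"
    rm -rf "$root" "$list"
}

demo
```

Running it prints both files under the first heading and only the secret-plan.txt path under the second; the same hidden_paths function can be pointed at a real locate database dumped with locate's -d option (or at the list a test run of updatedb emits) to confirm that a database built as nobody contains no such entries.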
