Bas Smeelen b.smeelen at ose.nl
Tue Dec 18 23:06:59 UTC 2012

On 12/18/12 23:44, RW wrote:
> On Tue, 18 Dec 2012 22:53:29 +0100
> Polytropon wrote:
>> On Tue, 18 Dec 2012 21:32:50 +0000, RW wrote:
>>> On Tue, 18 Dec 2012 21:01:33 +0000 (UTC)
>>> Walter Hurry wrote:
>>>> $ sudo /usr/libexec/locate.updatedb
>>>>>>> WARNING
>>>>>>> Executing updatedb as root.  This WILL reveal all filenames
>>>>>>> on your machine to all login users, which is a security risk.
>>>> $
>>>> Why is it a "security risk"? Security through obscurity? Really?
>>>> In this day and age?
>>>> Or am I missing something?
>>> If permissions have been set to prevent other users reading
>>> filenames then obviously leaking file names is security issue.
>> There are no "leaking file names",
> There is from the perspective of an ordinary user that's configured
> directories under ~ to be confidential.
>> as by command, the tool does
>> what it is requested to: to not obey the restrictions that apply
>> in its _normal_ use and list _all_ file names instead.
> Obviously. But the warning is intended for people that haven't
> thought through the consequences of what they are doing.

Agree. It is good to be there. Should be clear to Walter I guess. It is 
not security through obscurity, it is security by permissions and 
controls, and root can circumvent these and expose potential security 
risks by information to others or the world, thus the warning when 
running it as root.


> On Tue, 18 Dec 2012 22:49:43 +0100
> Bas Smeelen wrote:
>> Yes. But as stated before it defaults to run as user nobody.
>> Line 26 /etc/periodic/weekly/310.locate
>> echo /usr/libexec/locate.updatedb | nice -n 5 su -fm nobody || rc=3
> This is true but not very relevant.
> It runs as nobody from the periodic script, but the warning comes from
> locate.updatedb itself, which may be run independently of 310.locate.
>> If someone runs it as root it can be, as everything being run as
>> root, a security issue.
> Not really, mostly when things are run as root there is an additional
> risk. Very few things do the wrong thing simply as a consequence of
> running as root so it warrants a warning.

Fully agree. Root can be a liability though.

More information about the freebsd-questions mailing list