mailing list archives
Re: [linux-security] Things NOT to put in root's crontab
From: wam () fedex com (William McVey)
Date: Wed, 22 May 1996 14:20:41 -0500
Dan Cross wrote:
I was under the impression that find(1) didn't follow symbolic links?
Thus, one wouldn't ``find'' /etc/passwd if there was a link to /etc
from somewhere in /tmp.
The exposure comes from a race condition between when find has
decended into a real directory (expected behavior) and when the
'rm' is forked (expected behavior). If between these two tasks a
real directory is replaced with a symlink (unexepected behavior)
you are going to have problems.
Re: [linux-security] Things NOT to put in root's crontab der Mouse (May 22)
Re: [linux-security] Things NOT to put in root's crontab Ken Descoteaux (May 22)