mailing list archives
Re: [linux-security] Things NOT to put in root's crontab
From: zblaxell () myrus com (Zygo Blaxell)
Date: Thu, 23 May 1996 17:54:25 -0400
Quoted from Dan Cross:
I was under the impression that find(1) didn't follow symbolic links?
Thus, one wouldn't ``find'' /etc/passwd if there was a link to /etc
from somewhere in /tmp.
The problem is that things that 'find' *in the past* determined were
directories can be *changed* into symlinks while it is running. 'find'
does not check that filenames that used to be directories have not been
replaced with something else.
Try it. Do this:
mkdir -p /tmp/test-1/directory/
date > /tmp/test-1/directory/file
ln -s file /tmp/test-1/directory/symlink
ln -s test-1 /tmp/test-2
find /tmp/test-2/directory ! -type l -ls
Answer: yes - the symlink in the parameter given to 'find'. The '!
-type l' prevents any *new* symlinks from being followed (so
'/tmp/test-2/directory/symlink' doesn't show up), but 'find' doesn't check
for symlinks in directories it has already decided to descend into.
Please don't tell me that Linux (or, more precisely, GNU) broke this. :-)
The problem is not so much Linux as Unix. They botched things when they
added symbolic links to an unsuspecting operating system.
Zygo Blaxell. Former Unix/soft/hardware guru, U of Waterloo Computer Science
Club. Current sysadmin for Myrus Design, Inc. 10th place, ACM Intl Collegiate
Programming Contest Finals, 1994. Administer Linux nets for food, clothing,
and anime. "I gave up $1000 to avoid working on windoze... *sigh*" - Amy Fong
SGI Security Advisory 19960501-01-PX SGI Security Coordinator (May 22)
- Re: tcpd on IRIX (was Re: SunOS 4.1.4 fingerd), (continued)