[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: locate / privacy/security



On Sun, 26 Dec 2004 14:23:55 +0200, Thanos Tsouanas <thanos_(_at_)_sians_(_dot_)_org> wrote:
> Hello!
> 
> I was wandering if there is away to run locate and have it
> respect permissions.

It does; the database is built as user nobody. If your homedir is not
world readable it won't show up in de database.

> 
> I mean, i can locate /root and see what's on root's dir, and
> generally u can locate whatever i want regardless from it's
> permissions.

Check your permissions for /root, something is not right.

[sven_(_at_)_bedrock ~]$ ls -ld /root 
drwx------  5 root  wheel  512 Oct 31 17:59 /root/

I can't reproduce that behaviour here.

[sven_(_at_)_bedrock ~]$ sudo ls /root 
.cshrc              .profile            .klogin           .login
.ssh                 Mail

[sven_(_at_)_bedrock ~]$ locate /root
/root
/usr/X11R6/include/X11/bitmaps/root_weave
/var/mail/root
/var/named/standard/root.hint

> 
> I think it should be disabled by default, or only enabled for
> root to run..
> 
> Any ideas?
> 
> --
> Thanos Tsouanas <thanos_(_at_)_sians_(_dot_)_org> .: Sians
> http://thanos.sians.org/           .: http://www.sians.org/
> 
> 

/Sven
-- 

Why are the pretty ones always insane?
-- J.G. Thirlwell