Jim Li wrote: > Q4. What reserved GID is being used for slocate? and other questions > about this. > > Group "slocate" is not necessary by going through the source code deeply. > So just remove all "slocate" relative stuff.
So slocate is no longer SUID or SGID ? > Q7. Does Slocate work with ACLs on Solaris? > > Actually, Slocate uses system call access() to check file permissions, > so it works > with ACLs pretty well. Slocate always filter out files the invoking > users can't > access when creating index file or display the found file name. > > If there is an ACL that would deny a user decending down a particular > directory path > ( and thus not being able to see further filenames) will that be > honoured by slocate? > > Yes. Slocate will just skip all filename under this path. > > The slocate index file doesn't contain any permission information. it > checks permission > at run but if slocate isn't SUID or SGID to root or the owner of the database file that implies that the database file is world readable so this check is a bit pointless. So what is the ownership and permissions of /var/lib/slocate/slocate.db -- Darren J Moffat