Darren J Moffat wrote: >>> So what is the ownership and permissions of /var/lib/slocate/slocate.db >>> >> The ownership is root, group is other and permissions is 744 > > The above check is completely useless given that that database is > publically readable. Also it should't be rwx for owner it doesn't get > executed it should be rw-. > > This is why slocate is normally installed SUID or SGID so that the > database can be installed like one of the following: > root root 600 > root slocate 640 The previous email miss something, just ignore it.
Understood. Which way is better, SUID(root root 600) or SGID(root slocate 640)? Thanks Jim > > If you don't install it this way you are missing one of the primary > reasons for slocate over locate. >
