Re: locatedb is world readable
Alexander Schmehl wrote: * David Garamond <[EMAIL PROTECTED]> [050107 09:44]: /var/cache/locate/locatedb is world readable. Is this the correct default? Can it be made so only certain users have file-level access to it? (In Redhat there's 'slocate' group and the locate command is setgid to that group.) Wouldn't it be a solution to install slocate, and either remove the findutils (not sure if that's a good idea) or deactivate the cronjob and remove the db? Argh, I didn't even check that Debian has slocate. Silly me. Thanks! Regards, dave -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: locatedb is world readable
* David Garamond <[EMAIL PROTECTED]> [050107 09:44]: > /var/cache/locate/locatedb is world readable. Is this the correct > default? Can it be made so only certain users have file-level access to > it? (In Redhat there's 'slocate' group and the locate command is setgid > to that group.) Wouldn't it be a solution to install slocate, and either remove the findutils (not sure if that's a good idea) or deactivate the cronjob and remove the db? Yours sincerely, Alexander signature.asc Description: Digital signature
Re: locatedb is world readable
On Fri, Jan 07, 2005 at 08:29:55AM -0600, Kent West wrote: > David Garamond wrote: > > >>Sorry, a followup question. I deleted /etc/cron.daily/find several > >>days ago. How do I get it back? Reinstalling the findutils package > >>(using synaptic) doesn't bring it back. > > > >>Do I have to purge and install? > > > [EMAIL PROTECTED]:/home/westk> apt-file search /etc/cron.daily/find > findutils: etc/cron.daily/find > findutils: etc/cron.daily/find > > Since you've already reinstalled findutils and that didn't do it, then > I'd say, "Yep. Try purging and installing." I guess since this file is > in /etc, it's considered a configuration file and therefore doesn't get > replaced on a plain reinstall. You can always extract the file from the .deb with dpkg-deb -x and then copy it back to etc/cron.daily/ -- Chris Harris <[EMAIL PROTECTED]> --- GNU/Linux --- The best things in life are free. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: locatedb is world readable
David Garamond wrote: Sorry, a followup question. I deleted /etc/cron.daily/find several days ago. How do I get it back? Reinstalling the findutils package (using synaptic) doesn't bring it back. Do I have to purge and install? [EMAIL PROTECTED]:/home/westk> apt-file search /etc/cron.daily/find findutils: etc/cron.daily/find findutils: etc/cron.daily/find Since you've already reinstalled findutils and that didn't do it, then I'd say, "Yep. Try purging and installing." I guess since this file is in /etc, it's considered a configuration file and therefore doesn't get replaced on a plain reinstall. -- Kent -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: OT: Replying to top-post (Re: locatedb is world readable)
David Garamond wrote: Jon Dowland wrote: Ah, a top-post to a message posted off-list. D-u is getting to be as readable as work email :-) Yeah, sorry about the off-list thing. However, I always thought the proper (polite?) way to reply to a top-post is by another top-post? I can see the logic in that; however, my usual MO is to fix the top-posting in my reply; it takes more work on my part, but I'd rather it be "right". But that's just me. (I also remove CC:s, unless they've been specifically asked for. After all, most everyone on this list, reads the list; no need for them to get two copies of a message.) -- Kent -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: locatedb is world readable
Carl Fink wrote: On Fri, Jan 07, 2005 at 04:33:45PM +0700, David Garamond wrote: Sorry, a followup question. I deleted /etc/cron.daily/find several days ago. How do I get it back? Reinstalling the findutils package (using synaptic) doesn't bring it back. Do I have to purge and install? Have you tried "dpkg-reconfigure findutils"? Yup, tried that but no luck. Btw, the /etc/cron.daily/find was never modified. Regards, dave -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
OT: Replying to top-post (Re: locatedb is world readable)
Jon Dowland wrote: On Fri, Jan 07, 2005 at 04:30:01PM +0700, David Garamond wrote: I think you think I said 'world writable'? I don't want normal users to be able to _read_ that file (unless through the locate command, which will not allow other users' files from being printed). Ah, a top-post to a message posted off-list. D-u is getting to be as readable as work email :-) Yeah, sorry about the off-list thing. However, I always thought the proper (polite?) way to reply to a top-post is by another top-post? Otherwise, it will be confusing to see something like this: REPLY3_TOPPOST >>REPLY1_TOPPOST >>>ORIG >REPLY2 Regards, dave -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: locatedb is world readable
On Fri, Jan 07, 2005 at 04:30:01PM +0700, David Garamond wrote: > I think you think I said 'world writable'? I don't want normal users to > be able to _read_ that file (unless through the locate command, which > will not allow other users' files from being printed). Ah, a top-post to a message posted off-list. D-u is getting to be as readable as work email :-) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: locatedb is world readable
On Fri, Jan 07, 2005 at 04:33:45PM +0700, David Garamond wrote: > Sorry, a followup question. I deleted /etc/cron.daily/find several days > ago. How do I get it back? Reinstalling the findutils package (using > synaptic) doesn't bring it back. > > Do I have to purge and install? Have you tried "dpkg-reconfigure findutils"? -- Carl Fink [EMAIL PROTECTED] Jabootu's Minister of Proofreading http://www.jabootu.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: locatedb is world readable
David Garamond wrote: /var/cache/locate/locatedb is world readable. Is this the correct default? Can it be made so only certain users have file-level access to it? (In Redhat there's 'slocate' group and the locate command is setgid to that group.) Sorry, a followup question. I deleted /etc/cron.daily/find several days ago. How do I get it back? Reinstalling the findutils package (using synaptic) doesn't bring it back. Do I have to purge and install? Regards, dave -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: locatedb is world readable
I think you think I said 'world writable'? I don't want normal users to be able to _read_ that file (unless through the locate command, which will not allow other users' files from being printed). Regards, dave Rem wrote: lusig1:~# ls -l /var/cache/locate/ total 1460 -rw-r--r-- 1 root root 1489507 Jan 7 06:29 locatedb lusig1:~# On Fri, 07 Jan 2005 15:44:46 +0700, David Garamond <[EMAIL PROTECTED]> wrote: /var/cache/locate/locatedb is world readable. Is this the correct default? Can it be made so only certain users have file-level access to it? (In Redhat there's 'slocate' group and the locate command is setgid to that group.) Regards, dave -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
locatedb is world readable
/var/cache/locate/locatedb is world readable. Is this the correct default? Can it be made so only certain users have file-level access to it? (In Redhat there's 'slocate' group and the locate command is setgid to that group.) Regards, dave -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
