On Wed, 2011-05-18 at 00:18 +0200, Jan-Frode Myklebust wrote:
> On Tue, May 17, 2011 at 04:35:00PM -0400, seth vidal wrote:
> >
> > "When changing directories, tmpwatch is very sensitive to possible race
> > conditions and will exit with an error if one is detected. It does not
> > follow symbolic links in the directories it's cleaning (even if a
> > symbolic link is given as its argument), will not switch filesystems,
> > skips lost+found directories owned by the root user, and only removes
> > empty directories, regular files, and symbolic links."
>
> Not sure if this is a documentation or code bug, but this doesn't
> seem true on the two RHEL5/6 systems I just tested..
>
> > > > It guards against symlink attack by anyone who can run something as
> > > > user "puppet" and replace /var/lib/puppet/reports/ with a symlink to
> > > > somewhere else (/).
> >
> > so in answer to this - no in fact, tmpwatch can't be exploited that way.
>
> $ rpm -q tmpwatch
> tmpwatch-2.9.16-3.el6.x86_64
> $ ln -s /etc/ /var/tmp/test
> $ /usr/sbin/tmpwatch --mtime 720 --test /var/tmp/test/
> removing file /etc/csh.login
> removing file /etc/gimp/2.0/unitrc
> removing file /etc/gimp/2.0/sessionrc
> removing file /etc/gimp/2.0/controllerrc
> removing file /etc/gimp/2.0/menurc
> removing file /etc/gimp/2.0/gimprc
> removing file /etc/gimp/2.0/gtkrc
> <snip>
>

then that is a code bug b/c it is specifically documented as NOT doing that.

-sv

_______________________________________________
infrastructure mailing list
infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/infrastructure
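A defensive check for the situation the thread describes, added here as an example and not code from the thread or from tmpwatch itself: a wrapper that refuses to hand tmpwatch a target whose path passes through a symbolic link. The only tmpwatch options used are `--mtime` and `--test`, as in the test above; the directory names are constructed for the demonstration.

```shell
#!/bin/sh
# Added example, not from the thread or from tmpwatch: a guard a cron
# wrapper can run before tmpwatch. It refuses any target whose path, or
# any parent component of it, is a symbolic link, so a user who owns the
# target directory cannot redirect the cleanup elsewhere by swapping that
# directory for a symlink, as discussed above. A window remains between
# the check and the tmpwatch run, so this narrows the exposure rather
# than removing it.

# Succeed (return 0) if $1 or any parent component of it is a symlink.
path_has_symlink() {
    p=$1
    while [ -n "$p" ] && [ "$p" != / ] && [ "$p" != . ]; do
        [ -L "$p" ] && return 0
        p=$(dirname "$p")
    done
    return 1
}

# Run tmpwatch in --test (report-only) mode on $2 with mtime cutoff $1,
# but only when $2 is a real directory reached without any symlink.
safe_tmpwatch_test() {
    hours=$1
    dir=$2
    if path_has_symlink "$dir"; then
        echo "refusing: $dir contains a symbolic link component" >&2
        return 1
    fi
    if [ ! -d "$dir" ]; then
        echo "refusing: $dir is not a directory" >&2
        return 1
    fi
    if command -v tmpwatch >/dev/null 2>&1; then
        tmpwatch --mtime "$hours" --test "$dir"
    else
        echo "tmpwatch not installed; $dir passed the symlink check" >&2
    fi
}

# Demonstration on a constructed temporary tree: a real directory and a
# symlink pointing at it (pwd -P resolves symlinks in the temp path itself).
demo() {
    base=$(cd "$(mktemp -d)" && pwd -P)
    mkdir "$base/real"
    ln -s "$base/real" "$base/link"
    safe_tmpwatch_test 720 "$base/real" && echo "accepted: $base/real"
    safe_tmpwatch_test 720 "$base/link" || echo "rejected: $base/link"
    rm -rf "$base"
}

demo
```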