On Tue, May 17, 2011 at 04:35:00PM -0400, seth vidal wrote:
> 
> "When changing directories, tmpwatch is very sensitive to possible  race
>  conditions  and will exit with an error if one is detected. It does not
>  follow symbolic links in the directories it's cleaning (even if a  sym‐
>  bolic  link  is  given  as  its argument), will not switch filesystems,
>  skips lost+found directories owned by the root user, and  only  removes
>        empty directories, regular files, and symbolic links."


Not sure if this is a documentation or code bug, but this doesn't
seem true on the two RHEL5/6 systems I just tested.. 


> > > It guards against symlink attack by anyone who can run something as
> > > user "puppet" and replace /var/lib/puppet/reports/ with a symlink to
> > > somewhere else (/).
> 
> so in answer to this - no in fact, tmpwatch can't be exploited that way.
> 

        $ rpm -q tmpwatch
        tmpwatch-2.9.16-3.el6.x86_64
        $ ln -s /etc/ /var/tmp/test
        $ /usr/sbin/tmpwatch --mtime 720 --test /var/tmp/test/
        removing file /etc/csh.login
        removing file /etc/gimp/2.0/unitrc
        removing file /etc/gimp/2.0/sessionrc
        removing file /etc/gimp/2.0/controllerrc
        removing file /etc/gimp/2.0/menurc
        removing file /etc/gimp/2.0/gimprc
        removing file /etc/gimp/2.0/gtkrc
        <snip>

        

  -jf
_______________________________________________
infrastructure mailing list
[email protected]
https://admin.fedoraproject.org/mailman/listinfo/infrastructure

Reply via email to