I am looking a "porting" the Linux updatedb/locate program in the mlocate rpm to run on another UNIX system (z/OS to be exact). I don't understand why the mlocate.db is not world readable. Instead, the locate program is marked setgid. The only reason I have come up with is that the updatedb program loads the names of all the local (and perhaps NFS) file names into the mlocated.db file. And some of those may be in directories which are unreadable by some users.
I am not really going to port the actual code, because I am pretty sure that I'm going to put the data into a sqlite3 data base so that others can write code to "do things" with it. This is where I don't understand. How can simply knowing if a file exists or not be a security concern? I admit to being ignorant of this because a user in z/OS can generally get a listing of the names of all the data sets (files) which exist on a z/OS system even if they cannot read them. Yeah, I've got some of those and one consultant was "uppity" about "why can't I read that? Justify it to me!!!" Who which I replied (quoting W.C. Fields): "Go away, boy, you bother me!" -- I have _not_ lost my mind! It is backed up on a flash drive somewhere. Maranatha! <>< John McKown ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390 ---------------------------------------------------------------------- For more information on Linux on System z, visit http://wiki.linuxvm.org/
