Beware xargs security holes
Bill Stewart 201-949-0705 erebus.att.com!wcs
wcs at cbnewsh.att.com
Sun Oct 21 11:36:03 AEST 1990
In article <SGH6K6D at xds13.ferranti.com>, peter at ficc.ferranti.com (Peter da Silva) writes:
> > find / -name '#*' -atime +7 -print | xargs rm
> OK, enlighten me. Why is this command run daily on cron on many systems? And
> if it is, what systems are they so I can avoid them?
Many systems, especially universities, have a convention that
filenames beginning with '#' are "marked for death".
Instead of a "real" rm command, most users use a file deletion
command that renames foo as #foo, which can be recovered by an undelete
command, if the user is lucky after having been stupid, and the ls
command may also be hacked not to show them.
Other places use similar conventions.
But even if you DO avoid systems like this, LOTS of places do
find /tmp /usr/tmp -atime +7 -mtime +7 -print |xargs rm
to clean old stuff out of /tmp, which IS morally acceptable behaviour :-)
And it can be hosed just as easily:
mkdir /tmp/foo'
'
cd "/tmp/foo?" ; echo gotcha > vmunix
--
Thanks; Bill
# Bill Stewart 908-949-0705 erebus.att.com!wcs AT&T Bell Labs 4M-312 Holmdel NJ
Government is like an elephant on drugs: It's very confused, makes lots of noise,
can't do anything well, stomps on anyone in its way, and it sure eats a lot.
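An added demonstration of the hole described above (this script is not from the post; the function names, the sandbox layout and the directory name "foo<newline>." are my own construction). It builds a throwaway directory that stands in for "/", so nothing outside it is touched: a bystander file vmunix sits at the sandbox root and a planted file sits under tmp/ inside a directory whose name ends in a newline followed by ".". The post's "find ... -print | xargs rm" prints that pathname with the embedded newline, xargs splits it into "tmp/foo" and "./vmunix", and rm deletes the bystander. The same script then runs the two usual fixes: "find ... -exec rm -f {} +" (POSIX) and "find ... -print0 | xargs -0 rm -f" (GNU and BSD find/xargs). Note that the attacker also has to make the planted file look old enough for -atime/-mtime, which the script does with touch -t; the post leaves that step to the reader.

```shell
#!/bin/sh
# Added demonstration of the xargs newline hole, not code from the post.
# A throwaway directory stands in for "/", so nothing outside it is touched.
#
# Sandbox layout (the planted directory name ends in "<newline>."):
#   $SB/vmunix                  bystander file outside tmp/: the real target
#   $SB/tmp/foo<NL>./vmunix     planted file, backdated so it looks "old"
#
# find prints the planted path as    tmp/foo<NL>./vmunix
# xargs splits on the newline into   tmp/foo   and   ./vmunix
# and rm deletes ./vmunix, i.e. the bystander file outside tmp/.

NL='
'

# Create a fresh sandbox (constructed sample data) and print its path.
make_sandbox() {
    sb=$(mktemp -d) || return 1
    mkdir "$sb/tmp"
    printf 'kernel image\n' > "$sb/vmunix"
    mkdir "$sb/tmp/foo${NL}."
    printf 'gotcha\n' > "$sb/tmp/foo${NL}./vmunix"
    # Backdate atime and mtime so the file satisfies -atime +7 -mtime +7.
    touch -t 199001010000 "$sb/tmp/foo${NL}./vmunix"
    printf '%s\n' "$sb"
}

# The cleanup exactly as the post shows it.  Run from inside the sandbox
# with a relative path so the sandbox's own path never reaches xargs.
naive_cleanup() {
    ( cd "$1" && find tmp -atime +7 -mtime +7 -print | xargs rm -f ) 2>/dev/null || :
}

# Fixed (POSIX): find hands the pathnames to rm itself, no line splitting.
fixed_cleanup_exec() {
    ( cd "$1" && find tmp -atime +7 -mtime +7 -exec rm -f {} + ) 2>/dev/null || :
}

# Fixed (GNU/BSD): NUL-separate the names; NUL cannot occur in a pathname.
fixed_cleanup_print0() {
    ( cd "$1" && find tmp -atime +7 -mtime +7 -print0 | xargs -0 rm -f ) 2>/dev/null || :
}

# Outcome checks: exit status 0 means the file still exists.
bystander_exists() { [ -e "$1/vmunix" ]; }
planted_exists()   { [ -e "$1/tmp/foo${NL}./vmunix" ]; }

# Run one cleanup variant in a fresh sandbox, report, and clean up.
demo() {
    sb=$(make_sandbox) || return 1
    "$1" "$sb"
    printf '%-20s bystander vmunix: %s   planted file: %s\n' "$1" \
        "$(bystander_exists "$sb" && echo kept || echo DELETED)" \
        "$(planted_exists "$sb" && echo kept || echo removed)"
    rm -rf "$sb"
}

demo naive_cleanup
demo fixed_cleanup_exec
demo fixed_cleanup_print0
```

Run it with any POSIX sh; the naive variant reports the bystander DELETED and the planted file kept (rm was handed "tmp/foo", which does not exist), while both fixed variants remove the planted file and leave the bystander alone. The -print0/-0 pair is not in the older POSIX spec but is in GNU findutils and the BSDs; -exec ... {} + works everywhere. Spaces, tabs and quote characters in a name trip plain xargs in the same way, so the fix is to never let xargs parse pathnames as text.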