On Sun, Oct 31, 2021 at 06:42:20AM +0800, Paul Wise wrote: >> We really can't do this without dropping sgid, though; that would be a >> security hole. If a file you didn't have access to earlier was deleted, >> locate shouldn't suddenly be able to find it. > > There are two ways you could do this: > > 1) simply make it a root-only feature > 2) store perms information in the database > > Both of these options would be acceptable to me.
#2 isn't possible; the file could be on a remote filesystem, with arbitrarily complex and hidden ACLs (and they may have been changed since updatedb time). > If you decide 2) is reasonable then when the database hasn't yet been > updated for 2) you could do 1). Is there a reason why you simply cannot build with --require-visibility 0, if so? > When root is running plocate please skip the stat checks for speed. Is this a real problem, or just nice-to-have? /* Steinar */
