In Debian 2.1 (slink) the file /etc/cron.daily/standard (package cron) contains the following code:
--------------------- begin included code ----------------------
# /etc/cron.daily/standard: standard daily maintenance script
# Written by Ian A. Murdock <[EMAIL PROTECTED]>
# Modified by Ian Jackson <[EMAIL PROTECTED]>
# Modified by Steve Greenland <[EMAIL PROTECTED]>

bak=/var/backups

# The following three find commands are commented out due to the
# severe, easily exploited security hole introduced by 'find . _stuff_
# | xargs rm' style commands.  Changing it to '-exec rm {}' doesn't
# help.

# if [ -d /tmp -a ! -L /tmp ] && cd /tmp
# then
#   find . -type f -atime +3 -print0 | xargs -r0 rm -f --
#   find . ! -name . -type d -mtime +1 -print0 | xargs -r0 rmdir -- >/dev/null 2>&1
# fi

# if [ -d /var/tmp -a ! -L /var/tmp ] && cd /var/tmp
# then
#   find . -type f -atime +7 -print0 | xargs -r0 rm -f --
#   find . ! -name . -type d -mtime +1 -print0 | xargs -r0 rmdir -- >/dev/null 2>&1
# fi

#if cd /var/spool/cron/crontabs
#then
#  find . -name 'tmp.[0-9]*' -mtime +2 -print0 | xargs -r0 rm -f --
#fi
----------------------- end included code ------------------------

The rejected construction

    find . _stuff_ | xargs rm

seems very similar to the example given in the find info manual, Chapter [Common Tasks], Section [Cleaning Up]:

    find . -name '.#*' -print0 | xargs -0r rm -f

Can someone supply a reference to where the "severe, easily exploited security hole" is defined/justified/explained? And would it be possible to place that reference as a comment right in the cron file?

The changelog for slink's cron package contains three occurrences of `find', but none of them seem to involve this problem.

The reason I think this should be justified is that, lacking that justification, many people will, naturally, continue using this construction in their own personal scripts, as it is such a standard example.

Keith
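An added illustration of the race that the commented-out script alludes to; it is not part of Keith's post and not code from the Debian cron package. The weakness in "find ... -print0 | xargs -r0 rm -f --" is that find emits a relative path string such as ./sub/stale, and rm, a separate process running later, resolves that string from scratch. If the directory "sub" is replaced by a symlink in between, rm follows it and unlinks a file outside the tree being cleaned. The script below replays that window deterministically by capturing find's output to a list file, performing the swap, and only then feeding the list to xargs rm; all paths, file names and the mktemp directory are constructed for the demo, and -atime is omitted so the result does not depend on timestamps.

```shell
#!/bin/sh
# Added example (not from the post or the cron package): a deterministic
# replay of the time-of-check/time-of-use window in
#   find . -type f -print0 | xargs -r0 rm -f --
# Everything is built under a throwaway mktemp directory.

# Layout: $1/tmp/sub/stale is the file the job intends to expire,
# $1/victim/stale is a file outside the cleaned tree that must survive.
build_layout() {
    mkdir -p "$1/tmp/sub" "$1/victim"
    : > "$1/tmp/sub/stale"
    : > "$1/victim/stale"
}

# The attacker's move: replace the subdirectory with a symlink to the
# victim directory. Renaming a directory you own inside /tmp needs no
# special privilege.
swap_in_symlink() {
    mv "$1/tmp/sub" "$1/tmp/sub.orig"
    ln -s "$1/victim" "$1/tmp/sub"
}

# The vulnerable pattern, with the swap placed inside the window between
# find producing its list and xargs rm consuming it.
race_demo() (
    work=$(mktemp -d) || exit 1
    build_layout "$work"
    cd "$work/tmp" || exit 1
    # time of check: find records the string "./sub/stale"
    find . -type f -print0 > "$work/list"
    swap_in_symlink "$work"
    # time of use: rm resolves "./sub/stale" afresh, now through the symlink
    xargs -r0 rm -f -- < "$work/list"
    if [ -e "$work/victim/stale" ]; then echo "victim intact"; else echo "victim removed"; fi
    rm -rf "$work"
)

# Contrast: let find remove the entry itself with -delete. The swap has to
# be staged before find runs here, so this only shows that find (without
# -L) does not walk through the symlink; the stronger property, that
# -delete and -execdir act on the entry relative to the directory find has
# open instead of re-resolving a path string in a second process, cannot
# be replayed deterministically from a shell script.
delete_demo() (
    work=$(mktemp -d) || exit 1
    build_layout "$work"
    swap_in_symlink "$work"
    cd "$work/tmp" || exit 1
    find . -type f -delete
    if [ -e "$work/victim/stale" ]; then echo "victim intact"; else echo "victim removed"; fi
    rm -rf "$work"
)

race_demo     # prints "victim removed"
delete_demo   # prints "victim intact"
```

The same re-resolution happens with '-exec rm {}', since find still hands rm a full path string, which is why the script's comment says that variant does not help. The manual's '.#*' example has the same shape; whether it matters depends on whether untrusted users can rename directories under the tree being cleaned, which is exactly the case for /tmp and /var/tmp.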