jd1008 wrote: > > > On 05/03/2015 05:25 PM, Ed Greshko wrote: >> On 05/04/15 07:14, jd1008 wrote: >>> As unprivileged user, I run locate <filename> >>> and get >>> $ locate file_3.mp3 >>> locate: can not open `/var/lib/mlocate/mlocate.db': Permission denied >>> >>> I always end up running sudo to change the perms so unpriv'ed >>> users can run locate. >>> >>> What command should I run so the mlocate.db file is readable >>> by unpriv'ed users? >>> >> The "better" question is, does this match your system? >> >> [egreshko@meimei ~]$ ll /bin/locate >> -rwx--s--x. 1 root slocate 40528 Aug 18 2014 /bin/locate > I distrust suid programs. > I find it strange that a security minded system needs an suid > program to do something as simple as locate a file. > > So, I have removed the suid perm from it. > > So, how do I set it so that people can find files? > > I am willing to risk users finding a specific file than risking > finding a hole in the suid file/process and taking advantage of it.
locate has set SGID bit, not SUID. And 'slocate' group, under which it belongs, perhaps not poses any risk to Linux system. FH -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
