Ted Mittelstaedt wrote:
> Locate will not show files that a user has set private (or root
> has set private like /usr/local/certs/machineprivatekey.key

There are at least three versions of locate all with different behavior with regards to file permissions. The GNU findutils locate version simply runs as a non-privileged user and can't see anything that isn't available to any user. slocate and mlocate run as root and have visibility into every file but additionally mark the permission in the database. The database is unreadable for normal users and the only access is through the suid binary. The results returned are with respect to the user's current file access permissions. mlocate additionally stores directory timestamps to avoid the need to read directories that have not changed since the last run.

Although mlocate is the most sophisticated of the set I don't use it personally and I prefer the original locate that simply indexes using find running as 'nobody' and only lists files that anyone can see.

In any case the behavior depends upon the particular variant of locate installed on your system. If it is slocate or mlocate then running "locate" as root will locate every matching file.

> It would have likely worked for this - but it's too difficult for
> me to attempt to prove a negative (prove a file does not exist) when I'm
> using a tool that is written to not show everything.

Unfortunately security is the one feature of the system that by design makes it harder to use.

Bob
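Added example, not part of the original message: a simplified Python model of the two indexing approaches described above, an index built by an unprivileged walker versus a full index built as root, showing why a miss in the former does not prove a file is absent. The function names and the directory tree are constructed for illustration, and only the "other" permission bits are modelled (no groups or ACLs).

```python
import os, shutil, stat, tempfile

def world_listable(root, path):
    # Names come from directory permissions: every directory from root down to
    # path's parent must grant "other" read+execute for 'nobody' to list it.
    need = stat.S_IROTH | stat.S_IXOTH
    cur = os.path.dirname(path)
    while True:
        if os.stat(cur).st_mode & need != need:
            return False
        if cur == root:
            return True
        cur = os.path.dirname(cur)

def build_indexes(root):
    """Return (full, public): what a root indexer and a 'nobody' indexer record."""
    full, public = [], []
    for dirpath, dirs, files in os.walk(root):
        for name in dirs + files:
            p = os.path.join(dirpath, name)
            rel = os.path.relpath(p, root)
            full.append(rel)
            if world_listable(root, p):
                public.append(rel)
    return sorted(full), sorted(public)

def locate(index, pattern):
    # Substring match, like a plain locate query against an index.
    return [p for p in index if pattern in p]

def demo():
    # Constructed tree: a 0600 key in a 0755 directory, a 0644 file in a 0700 one.
    root = tempfile.mkdtemp()
    try:
        os.chmod(root, 0o755)
        for d, dmode, f, fmode in [("certs", 0o755, "machine.key", 0o600),
                                   ("private", 0o700, "notes.txt", 0o644)]:
            os.mkdir(os.path.join(root, d))
            fp = os.path.join(root, d, f)
            open(fp, "w").close()
            os.chmod(fp, fmode)
            os.chmod(os.path.join(root, d), dmode)
        return build_indexes(root)
    finally:
        shutil.rmtree(root)

if __name__ == "__main__":
    full, public = demo()
    print("root index:  ", locate(full, "notes"))
    print("nobody index:", locate(public, "notes"))
```

In this model the file inside the 0700 directory is missing from the unprivileged index, while the 0600 file in the world-listable directory still appears by name, because listing depends on the directory's permissions rather than the file's.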