/var/lib/mlocate/mlocate.db perms

Frantisek Hanzlik franta at hanzlici.cz
Sun May 3 23:54:35 UTC 2015


jd1008 wrote:
> 
> 
> On 05/03/2015 05:25 PM, Ed Greshko wrote:
>> On 05/04/15 07:14, jd1008 wrote:
>>> As unprivileged user, I run locate <filename>
>>> and get
>>> $ locate file_3.mp3
>>> locate: can not open `/var/lib/mlocate/mlocate.db': Permission denied
>>>
>>> I always end up running sudo to change the perms so unpriv'ed
>>> users can run locate.
>>>
>>> What command should I run so the mlocate.db file is readable
>>> by unpriv'ed users?
>>>
>> The "better" question is, does this match your system?
>>
>> [egreshko at meimei ~]$ ll /bin/locate
>> -rwx--s--x. 1 root slocate 40528 Aug 18  2014 /bin/locate
> I distrust suid programs.
> I find it strange that a security minded system needs an suid
> program to do something as simple as locate a file.
> 
> So, I have removed the suid perm from it.
> 
> So, how do I set it so that people can find files?
> 
> I am willing to risk users finding a specific file rather than risking
> finding a hole in the suid file/process and taking advantage of it.

locate has the SGID bit set, not SUID. And the 'slocate' group, to which
it belongs, perhaps does not pose any risk to a Linux system.
FH
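
An added example, not part of the original messages: a small POSIX shell audit that tells SUID from SGID in an octal mode and reports the ownership of the locate binary and its database. It assumes GNU `stat -c` and the two paths quoted in the thread; the function names are illustrative.

```shell
#!/bin/sh
# Added example; special_bits, world_readable and audit_locate are
# illustrative names, not part of mlocate.

# Print which special bits an octal mode (as from `stat -c %a`) carries.
special_bits() {
    case $1 in ''|*[!0-7]*) echo invalid; return 1 ;; esac
    m=$((0$1)); out=
    if [ $((m & 04000)) -ne 0 ]; then out=setuid; fi
    if [ $((m & 02000)) -ne 0 ]; then out="${out:+$out,}setgid"; fi
    if [ $((m & 01000)) -ne 0 ]; then out="${out:+$out,}sticky"; fi
    echo "${out:-none}"
}

# Succeed when the "other" read bit is set in an octal mode.
world_readable() {
    case $1 in ''|*[!0-7]*) return 2 ;; esac
    [ $((0$1 & 04)) -ne 0 ]
}

# Report mode, owner, group and special bits for the binary and the database.
# Optional arguments override the default paths taken from the thread.
audit_locate() {
    bin=${1:-/bin/locate}
    db=${2:-/var/lib/mlocate/mlocate.db}
    for f in "$bin" "$db"; do
        info=$(stat -c '%a %U %G' "$f" 2>/dev/null) || {
            echo "$f: cannot stat (missing, or parent directory not searchable)"
            continue
        }
        mode=${info%% *}
        echo "$f: mode=$mode owner/group=${info#* } special=$(special_bits "$mode")"
        # If the database is world-readable, the SGID helper is no longer
        # what gates access: any user can read the whole path index.
        if [ "$f" = "$db" ] && world_readable "$mode"; then
            echo "$f: world-readable, the full path index is open to every user"
        fi
    done
}

# Constructed sample: -rwx--s--x from the thread is octal 2711.
special_bits 2711    # setgid
special_bits 4711    # setuid, for comparison
audit_locate
```
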

