/var/lib/mlocate/mlocate.db perms
Gordon Messmer
gordon.messmer at gmail.com
Tue May 5 04:25:30 UTC 2015
On 05/03/2015 04:47 PM, jd1008 wrote:
> I distrust suid programs.
Skepticism toward SUID root is sometimes merited. Evaluating your own
needs for such programs is reasonable. Distrusting the mechanism itself
is tin-foil-hat-crazy.
> I find it strange that a security minded system needs an suid
> program to do something as simple as locate a file.
It's not SUID, it's SGID to "slocate". The locate file will only allow
users to locate files they have access to. In order to enforce that
restriction, users have to be prevented from reading the database directly.
More information about the users
mailing list