Beware xargs security holes
Peter da Silva
peter at ficc.ferranti.com
Thu Oct 18 03:49:35 AEST 1990
In article <13569:Oct1617:00:0590 at kramden.acf.nyu.edu> brnstnd at kramden.acf.nyu.edu (Dan Bernstein) writes:
> find / -name '#*' -atime +7 -print | xargs rm
> Incorrect. If that command is run daily from cron, as it is on many
> systems, then any user can remove any file on the system.
OK, enlighten me. Why is this command run daily on cron on many systems? And
if it is, what systems are they so I can avoid them?
--
Peter da Silva. `-_-'
+1 713 274 5180. 'U`
peter at ferranti.com
More information about the Comp.unix.shell
mailing list