Comment 21 for bug 357024
Revision history for this message
| Martin Pitt (pitti) wrote Re: [Bug 357024] Re: security hole in /etc/cron.daily/apport | #21 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
0e1f616
(Get the code!)
Stephane Chazelas [2009-04-16 6:21 -0000]:
> info find 'Security Considerations'
Indeed I read this last night, and it explains it quite well. It even
points out that -exec rm {} has the very same problem (which is really
quite obvious), but limiting the search depth to 1 should close that
hole AFAICS. Using the -delete action is an interesting option, but
this is again BSD find specific.