2011-03-17 08:41:28 +0100, Sean Finney: > On Wed, 2011-03-16 at 21:57 -0600, Raphael Geissert wrote: > > On 16 March 2011 03:40, sean finney <sean...@debian.org> wrote: > > > On Wed, Mar 16, 2011 at 09:27:29AM +0000, Stephane Chazelas wrote: > > >> No, please look carefully. It's not "passwd" that's the > > >> symlink, it's foo (to /etc). rm would remove > > >> /var/lib/php5/foo/passwd, that is it would unlink the "passwd" > > >> entry from the directory pointed to by "foo", that is "/etc". > > > > > > oh, right. well good catch then, i guess we'll need to prepare > > > a stable security update... > > > > Yes, I'm on it. > > For sid I'm inclined to make /var/lib/php5 uid: root, gid: www-data, > > and remove the world-rw mode. Why would we want to allow anyone else > > to use that dir anyway? perhaps I'm missing some bits of history. > > I would suggest instead of using -delete, that we use -maxdepth 1.
Note that the standard equivalent of find ... -maxdepth 1 is (as I suggested in my initial report): find .../. ! -name . -prune ... (stricktly speaking, that would be more -mindepth 1 -maxdepth 1) > I think technically there's still some small window of oppurtunity (maybe > not exploitable, but still) in between the find comparisons and the > delete action GNU's -delete does some unlinkat(2) and find would use O_NOFOLLOW to descend into subdirs, so I don't think there would be race conditions there. > and i don't think we need to decend into directories in > the first place since the session files are all in the top level of > that directory. Agreed. > i made a patch last night but my colo'd server has been > up and down for the past few days :/ i'll attach it here instead of > pushing it, so we can decide what makes the most sense. > > Regarding the permissions, I also agree and don't know why they were > world read/writable, whether someone was just copying the perms > from /tmp or had a reason to do so. Not sure whether that also warrants > going into stable or not, but we could at least try it out in unstable > and see if anyohne complains :) [...] > +09,39 * * * * root [ -x /usr/lib/php5/maxlifetime ] && [ -d > /var/lib/php5 ] && find /var/lib/php5/ -maxdepth 1 -type f -cmin > +$(/usr/lib/php5/maxlifetime) -print0 | xargs -n 200 -r -0 rm Note that I gave a POSIX equivalent of that command. Another reason for using -delete (you're using GNU syntax anyway) is that files are removed just after their time stamp is checked. Cheers, Stephane -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
