[RFC] Filesystem-local databases in mlocate
Bernardo Innocenti
bernie at develer.com
Mon Mar 19 08:58:42 UTC 2007
Simo Sorce wrote:
>> Usage for /home on NFS:
>> - NFS is automatically excluded by clients, so updatedb on clients
>> does not walk the filesystem.
>> - On the server:
>> Add /srv/home to /etc/sysconfig/mlocate. If /srv/home is not a
>> separate mount point, add LOCATE_PATH=:/srv/home/.mlocate/mlocate.db
>> to the global environment.
>
> I am deeply concerned about the security implications of this idea.
> You are basically making it possible for everyone to get access to the
> complete remote FS layout ???
In the local case, mlocate.db contains the whole directory structure as
read by the root user.
Local security is based on unix permissions: the locate.db is not
readable to normal users and the locate binary is set-gid locate.
Remote databases exported in NFS shares cannot of course use this
trick becausae it requires trusting the remote root of all clients.
A solution could be crawling the filesystem as user nobody to avoid
disclosing private information, but this would make the shared
locate.db completely useless to index home directories.
How did Apple solve the problem with Spotlight? Spotlight also
stores its database in the root directory of all volumes, including
flash pens and remote NFS shares.
--
// Bernardo Innocenti - Develer R&D dept.
\X/ http://www.develer.com/
More information about the fedora-devel-list
mailing list