[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Status of updatedb

From: Dmitry V. Levin
Subject: Re: Status of updatedb
Date: Sun, 18 Dec 2005 03:19:34 +0300

On Sat, Dec 17, 2005 at 11:42:53PM +0000, James Youngman wrote:
> On Sun, Dec 18, 2005 at 01:36:52AM +0300, Dmitry V. Levin wrote:
> > You can have a look at my own slocate I wrote several years ago
> > (based on glibc's fts and GNU locate's frencode) which demonstrates
> > this approach:
> > ftp://ftp.altlinux.org/pub/people/ldv/slocate/slocate-0.2.8.tar.bz2
> Interesting.  I like the code (well, except for lists.c).  How did you
> come to write your own version rather than use the locate which forms
> part of GNU findutils or the other 'slocate' package?

First reason was security: the find part needs to be privileged, and I had
no other way to make it running non-root and still be able to traverse
a file hierarchy.  Why I need to make it running non-root?  Because
updatedb is subject for passive and active attacks.

Second reason was performance: the code based on glibc's fts + GNU locate's
frencode worked faster than GNU locate and much faster than other 'slocate'

> I'm not asking 'what was wrong with GNU locate?'.

The architecture.  As I said, with standard linux kernel find cannot be
hardened without hacks, and multiprocess model also adds performance penalty.

> It's more that I'm
> asking why you didn't use the other slocate.

Other slocate is crap.  It is even less secure than GNU locate which
contains no "s" in the name. :)

> One more wheel and we'll have enough for a car :)

Indeed! :)


Attachment: pgpH8MJIPEg2C.pgp
Description: PGP signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]