slocate vs locate

Hi

Is there really a security advantage to use solvate rather then locate. If
there is I will restrict users from use locate.

Thank You
Rafal

On Wed, 08 Dec 2004 21:09:32 GMT, Asmo hath writ:
>
> Is there really a security advantage to use solvate rather then locate. If
> there is I will restrict users from use locate.

On my system (MDK 9.1) they look to be hard linked (ln) -- one to the other'n.

|[root@nix jonesy]# ls -aol `slocate locate | grep bin`
|-rwxr-xr-x 1 root 7829 Aug 10 2002 /usr/bin/dislocate*
|-rwxr-sr-x 2 root 27448 Jan 22 2004 /usr/bin/locate*
|-rwxr-sr-x 2 root 27448 Jan 22 2004 /usr/bin/slocate*
|[root@nix jonesy]#


(Now to research what the hell dislocate is.... :-)

Jonesy
--
| Marvin L Jones | jonz | W3DHJ | linux
| Gunnison, Colorado | @ | Jonesy | OS/2 __
| 7,703' -- 2,345m | config.com | DM68mn SK

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Allodoxaphobia wrote:
[snip]

> |[root@nix jonesy]# ls -aol `slocate locate | grep bin`
> |-rwxr-xr-x 1 root 7829 Aug 10 2002 /usr/bin/dislocate*

[snip]

> (Now to research what the hell dislocate is.... :-)

You got me interested as well. According to the manpage...

DISLOCATE(1) DISLOCATE(1)

NAME
Dislocate - disconnect and reconnect processes

SYNOPSIS
dislocate [ program args... ]

INTRODUCTION
Dislocate allows processes to be disconnected and recon*
nected to the terminal. Possible uses:

· You can disconnect a process from a terminal at
work and reconnect from home, to continue work*
ing.


- --
Lew Pitcher

Master Codewright & JOAT-in-training | GPG public key available on request
Registered Linux User #112576 (http://counter.li.org/)
Slackware - Because I know what I'm doing.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFBt8fiagVFX4UWr64RAp/PAKCL06wLwD98hmV+m4iAK0SSeihfxACguQJb
3S8PmaqtgXf8ISJAE7WLSis=
=Il9n
-----END PGP SIGNATURE-----

Asmo wrote:
> Hi
>
> Is there really a security advantage to use solvate rather then
> locate. If there is I will restrict users from use locate.
>
> Thank You
> Rafal

The "locate" and "slocate" *binaries* are linked to eachother on systems
that have the "slocate" *package* is installed. However, there is quite a
bit of difference between the "locate" package and the "slocate" package.
Specifically, if I were to use the original locate to look for a filename
that exists in a directory that I do not have access to, it would still show
that file to me. With the slocate package that is not the case. For backward
compatibility the "locate" binary has been linked to the better version in
slocate.

Hi

> The "locate" and "slocate" *binaries* are linked to eachother on systems
> that have the "slocate" *package* is installed. However, there is quite a
> bit of difference between the "locate" package and the "slocate" package.
> Specifically, if I were to use the original locate to look for a filename
> that exists in a directory that I do not have access to, it would still
show
> that file to me. With the slocate package that is not the case. For
backward
> compatibility the "locate" binary has been linked to the better version in
> slocate.

Thing that boders me is that slocate has sgid.

Rafal

Hi

> |[root@nix jonesy]# ls -aol `slocate locate | grep bin`
> |-rwxr-xr-x 1 root 7829 Aug 10 2002 /usr/bin/dislocate*
> |-rwxr-sr-x 2 root 27448 Jan 22 2004 /usr/bin/locate*
> |-rwxr-sr-x 2 root 27448 Jan 22 2004 /usr/bin/slocate*
> |[root@nix jonesy]#
>
>
> (Now to research what the hell dislocate is.... :-)

I have Slackware 10 and there is no dislocate . hmmm

Rafal

"Asmo" <asmodeus@interia.remove.pl> writes:

>> |[root@nix jonesy]# ls -aol `slocate locate | grep bin`
>> |-rwxr-xr-x 1 root 7829 Aug 10 2002 /usr/bin/dislocate*
>> |-rwxr-sr-x 2 root 27448 Jan 22 2004 /usr/bin/locate*
>> |-rwxr-sr-x 2 root 27448 Jan 22 2004 /usr/bin/slocate*
>> |[root@nix jonesy]#
>> (Now to research what the hell dislocate is.... :-)

man dislocate ?

Dislocate allows processes to be disconnected and reconnected to the
terminal.

It was in Mandrake 9, but is not in Mandrake 10

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Asmo wrote:
| Hi
|
|
|> |[root@nix jonesy]# ls -aol `slocate locate | grep bin`
|> |-rwxr-xr-x 1 root 7829 Aug 10 2002 /usr/bin/dislocate*
|> |-rwxr-sr-x 2 root 27448 Jan 22 2004 /usr/bin/locate*
|> |-rwxr-sr-x 2 root 27448 Jan 22 2004 /usr/bin/slocate*
|> |[root@nix jonesy]#
|>
|>
|>(Now to research what the hell dislocate is.... :-)
|
|
| I have Slackware 10 and there is no dislocate . hmmm

I have Slackware 10.0 as well, and dislocate(1) is part of the
expect-5.41.0-i486-1.tgz package.


- --
Lew Pitcher
IT Consultant, Enterprise Data Systems,
Enterprise Technology Solutions, TD Bank Financial Group

(Opinions expressed are my own, not my employers')
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (MingW32)

iD8DBQFBuJPRagVFX4UWr64RAsz+AKCiuZyjvKRJp0PgIcoQjQ J3ogVSTQCfSOSQ
ylbDN/0ovrspG4g2RUexmXM=
=N3nk
-----END PGP SIGNATURE-----

On 2004-12-08, Asmo <asmodeus@interia.remove.pl> wrote:

> Is there really a security advantage to use solvate rather then locate. If
> there is I will restrict users from use locate.

slocate only allows users to "locate" files for which they have access
permissions. If they don't have permission, then slocate will not show
them. When slocate is installed, it creates a link to "locate" so when a
user runs "locate" they are actually running slocate.

--

-John (john@os2.dhs.org)

Asmo <asmodeus@interia.remove.pl> wrote:
> Hi
>
> > |[root@nix jonesy]# ls -aol `slocate locate | grep bin`
> > |-rwxr-xr-x 1 root 7829 Aug 10 2002 /usr/bin/dislocate*
> > |-rwxr-sr-x 2 root 27448 Jan 22 2004 /usr/bin/locate*
> > |-rwxr-sr-x 2 root 27448 Jan 22 2004 /usr/bin/slocate*
> > |[root@nix jonesy]#
> >
> >
> > (Now to research what the hell dislocate is.... :-)
>
> I have Slackware 10 and there is no dislocate . hmmm
>
> Rafal
>
>
So do I and it's there, you must not have installed it.
~$ which dislocate
/usr/bin/dislocate

Jerry