a little

13:25 | 25-10-2006 | Software

happened to notice that find in epocemx doesn't support the -execdir option:

The -execdir primary is identical to the -exec primary with the exception that utility will be executed from the directory that holds the current file. The filename substituted for the string “{}” is not qualified.

in general there is, of course, nothing especially fascinating about this observation, but here is something interesting:

If you use -exec, then you will pass something like very/long/path/to/file to your program. Let us say you have a cron job which deletes all files older than a day in /tmp, and this is run by root.

I could set up a set of directories in /tmp, which ends up with an old file called “passwd”.

If I can get the timing right, between the time that “find” runs, to find the file /tmp/a/b/c/d/e/f/passwd, and the time that “rm” is run, I could rename “f” to “f.old”, and make a symbolic link called “f” in the “e” directory to /etc. Then “rm” will helpfully remove /etc/passwd, making the system difficult to use.

Using “-execdir” will mean that “find” will start the “rm” in the directory that was called “f” (and is now called “f.old”), and will therefore remove the file “passwd” that find found, rather than the one in /etc.

(I used rename, rather than remove of the “f” directory as it makes it clearer what is going on, but the same logic applies. Remember files do not go away on unix until the last reference to them has gone).

well yes, of course.
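The difference quoted above can be reproduced deterministically, without a race, inside a throwaway sandbox. This is an added example, not code from the post or from find itself: the function names are hypothetical, "etc" is a stand-in directory under mktemp, and the two functions model what each primary hands to rm rather than invoking find.

```shell
# Constructed sandbox: everything lives under a mktemp directory; "etc" is a
# stand-in directory inside the sandbox, not the real /etc.
setup() {
    box=$(mktemp -d) || return 1
    mkdir -p "$box/tmp/e/f" "$box/etc"
    echo stale  > "$box/tmp/e/f/passwd"   # the old file the cleanup job targets
    echo system > "$box/etc/passwd"       # the file that must survive
}

# The change made between "find found the file" and "rm runs".
swap() {
    mv "$box/tmp/e/f" "$box/tmp/e/f.old"
    ln -s "$box/etc" "$box/tmp/e/f"
}

# Report which of the two files still exist after the cleanup.
survivors() {
    out=""
    [ -e "$box/etc/passwd" ] && out="$out etc"
    [ -e "$box/tmp/e/f.old/passwd" ] && out="$out stale"
    echo "${out# }"
}

# -exec model: rm receives the full path and resolves it again when it runs,
# so it walks through whatever "f" is at that moment.
run_exec_style() {
    setup || return 1
    target="$box/tmp/e/f/passwd"          # what find would substitute for {}
    swap
    rm -f "$target"
    survivors
    rm -rf "$box"
}

# -execdir model: the working directory is pinned to the directory holding the
# file first, and rm gets an unqualified name relative to it.
run_execdir_style() {
    setup || return 1
    ( cd "$box/tmp/e/f" || exit 1; swap; rm -f ./passwd )
    survivors
    rm -rf "$box"
}

echo "-exec style leaves:    $(run_exec_style)"
echo "-execdir style leaves: $(run_execdir_style)"
```

For a cleanup job this means preferring -execdir (or -delete) over -exec wherever the tree being walked is writable by other users.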

  
