From 77309736ae5f33b1a5ed7fe1324f59381d2d17d3 Mon Sep 17 00:00:00 2001
From: eivind <eivind@FreeBSD.org>
Date: Wed, 19 Jun 2002 19:22:18 +0000
Subject: Make locate.updatedb tell about the security risk when it is run as
 root.

---
 usr.bin/locate/locate/updatedb.sh | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'usr.bin/locate')

diff --git a/usr.bin/locate/locate/updatedb.sh b/usr.bin/locate/locate/updatedb.sh
index 361e72d..b9bf698 100644
--- a/usr.bin/locate/locate/updatedb.sh
+++ b/usr.bin/locate/locate/updatedb.sh
@@ -28,6 +28,11 @@
 #
 # $FreeBSD$
 
+if [ "$(id -u)" = "0" ]; then
+	echo ">>> WARNING" 1>&2
+	echo ">>> Executing updatedb as root.  This WILL reveal all filenames" 1>&2
+	echo ">>> on your machine to all login users, which is a security risk." 1>&2
+fi
 : ${LOCATE_CONFIG="/etc/locate.rc"}
 if [ -f "$LOCATE_CONFIG" -a -r "$LOCATE_CONFIG" ]; then
        . $LOCATE_CONFIG
-- 
cgit v1.1