> > Well, but with that race condition above... It *might* be kernel issue
> > after all. Enlighten me: how is this operation done safely?
>
> This 'race condition' only occurs with the | xargs case,
> find -exec executes the command immediately upon finding
> the file, so there's no race there...
> Well, there's a theoretical race, but there's no way for
> a nasty user to find out which file is going to be dealt
> with 'right now', at least not on a large multi-user box
> where the load is too high to make adequate predictions.
Yes. It is. Between stat-ing file to see if it belongs to that user
and chowning it. I do not know if it is exploitable, but if you
overflow system much (slowing it down), watch ps etc, you could
probably be able to see it.
Pavel
-- Do *NOT* buy software, GNU software is better and free! Pavel GCM d? s-: !g p?:+ au- a--@ w+ v- C++@ UL+++ L++ N++ E++ W--- M- Y- R+