2009-04-27 16:18:02 -0000, Jamie Strandboge:
> Feedback from vendor-sec is that the patch is probably not good enough,
> specifically:
>
> "At the very least, you need to add " --" after "rm -f" to prevent
> option-passing to "rm" via filenames starting with dashes."
No,
The patch has
find /var/crash/. ... -exec ...
or
find . ... -exec ...
in my suggestion
So all the file paths will start with "/var/crash" or "./", not
dash so the "--" is not necessary.
[...]
> Maybe a better way to write it:
>
> cd /var/crash &&
> find . ! -name . -prune -type f \( -mtime +7 -o -size 0 \) -exec rm -f {} +
>
> (the + above is standard but implies a recent enough version of GNU find)
[...]
2009-04-27 16:18:02 -0000, Jamie Strandboge:
> Feedback from vendor-sec is that the patch is probably not good enough,
> specifically:
>
> "At the very least, you need to add " --" after "rm -f" to prevent
> option-passing to "rm" via filenames starting with dashes."
No,
The patch has
find /var/crash/. ... -exec ...
or
find . ... -exec ...
in my suggestion
So all the file paths will start with "/var/crash" or "./", not
dash so the "--" is not necessary.
[...]
> Maybe a better way to write it:
>
> cd /var/crash &&
> find . ! -name . -prune -type f \( -mtime +7 -o -size 0 \) -exec rm -f {} +
>
> (the + above is standard but implies a recent enough version of GNU find)
[...]
Best regards,
Stephane