Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!cornell!uw-beaver!rice!sun-spots-request
From: iotek!mike@uunet.uu.net (Mike Thompson)
Newsgroups: comp.sys.sun
Subject: Re: cron/find sting! SUN OS 3.5 HELP!!!
Keywords: SunOS
Message-ID: <299@jupiter.iotek.UUCP>
Date: 23 Mar 89 20:28:35 GMT
References: <298@jupiter.iotek.UUCP>
Sender: usenet@rice.edu
Organization: IOTEK Inc
Lines: 32
Approved: Sun-Spots@rice.edu
Original-Date: 12 Mar 89 18:26:29 GMT
X-Sun-Spots-Digest: Volume 7, Issue 209, message 3 of 13

Thank you to those that responded to my call for help.

As was pointed out to me, this problem has been discussed in sun-spots
previously (v6n31, v6n39, v6n51). The problem arises due to the fact that
the on/rpc.rexd client/server pair will NFS mount directories in /tmp, so
if someone happens to be running an on command at the same time that the
"find /tmp/ -mtime +2 \! -type d -exec rm -f {} \;" is run the find will
quite happly go off through the NFS mounted file system. The solution is
to add the -xdev option to the find command to keep it on the same file
system.

I had contacted sun about this problem, and they didn't seem to know
anything about this problem, they did suggest adding the -xdev option to
the find command but they didn't seem to know what might be causing the
problem in the first place.

The only mention of this that I was able to find in the documentation was
"This daemon may use the NFS to mount file systems specified in the remote
execution request." in the documentation for rexd, no mention of where the
filesystems would be mounted, no comment about the dangers that this
implies.  I think that, that sentence should be down in the BUGS section
of the manual. What is in the BUGS section is also disturbing "Should be
better access control", what is wrong with the access control?  One of the
people that responed to my request for help mentioned this as well,
according to them there seems to be no host verification only uid
verification (i.e. is this a valid uid on this machine, not is this a
valid host with a valid uid) not having source code I can't check this
out.

Michael A. Thompson, Iotek Inc, |*| E-Mail: mike@iotek.uucp
1127 Barrington St., Suite 100, |*| Fax:    (902)420-0674
Halifax, N.S., B3H 2P8, Canada  |*| Phone:  (902)420-1890