Re: [RFC] Filesystem-local databases in mlocate

On Fri, 2007-03-16 at 05:16 +0100, Miloslav Trmac wrote:
> Hi,
> I'm planning to add filesystem-local database support to mlocate.  This
> allows:
> - running updatedb on a file server and making the database
>   automatically available to clients without any client-side
>   configuration
> - using locate on GFS volumes without running updatedb on each host that
>   has the volume mounted (which slows the volumes down due to lock
>   contention)


> Usage for /home on NFS:
> - NFS is automatically excluded by clients, so updatedb on clients
>   does not walk the filesystem.
> - On the server:
>   Add /srv/home to /etc/sysconfig/mlocate.  If /srv/home is not a
>   separate mount point, add LOCATE_PATH=:/srv/home/.mlocate/mlocate.db
>   to the global environment.

I am deeply concerned about the security implications of this idea.
You are basically making it possible for everyone to get access to the
complete remote FS layout ???

> Can anyone see a problem with the plan, or an important feature that the
> above fails to address?

Yes, security and privacy wise it is BAD BAAD BAAAD :-)


