My Perfect OS X Coldfusion Dev Environment - They call me the Seeker

>> Thursday, 9 October 2008

This is just a quick one, but it's something that I have to do every time I start with a fresh OS X install, and that's to secure the locate command and create the locate database.

Locate is a command line tool for *nix based systems that lets you find files throughout the file system very quickly. It works in a similar way to Spotlight, the big difference being that it looks through all the system folders as well, which is ridiculously handy when you forget the location of a config file or just want to see how many copies of a file exist and where on the system they are.

Because of the way we will be indexing the locate database, we have to be careful: you could potentially expose all of the system's filenames and locations to all users (something a hacker might find incredibly useful if trying to crack your box). So all we'll do is secure it so only the root account can use it; then, when you want to run the locate command, you just prefix it with sudo and authenticate with your administrator password.

We'll start by securing the locate command by opening up Terminal (it's located in Applications -> Utilities if you haven't had a chance to use it yet).

With the terminal window open, type the following command at the $ prompt...

$ sudo chmod o-x /usr/bin/locate

What that does is remove execute permission for "others", that is, anyone who is neither the file's owner nor a member of the group to which the file belongs.

Now we need to create our locate database file which we do with the following command...

$ sudo /usr/libexec/locate.updatedb

You will be presented with a warning that looks like this

>>> WARNING
>>> Executing updatedb as root. This WILL reveal all filenames
>>> on your machine to all login users, which is a security risk.

As we are going to secure the database file from unauthorised access this is not a real concern for us.

The script will do its thing and after a few minutes the $ prompt will return. When it does, run the following command to secure the database file by removing read permission for everyone other than the file's owner and group.

$ sudo chmod o-r /var/db/locate.database
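As an added example (not part of the original post), the script below checks that both chmod steps took effect: no execute bit for others on the locate binary, and no read or write bit for others on the database. The function names and the "check" argument are assumptions made for this example; the two paths are the ones used above.

```shell
#!/bin/sh
# Added example: audit the permissions set by the two chmod commands in the post.

# has_other_perm FILE BIT: succeeds if the "other" class holds BIT (r, w or x).
has_other_perm() {
    case "$2" in
        r) mode=-004 ;;
        w) mode=-002 ;;
        x) mode=-001 ;;
        *) return 2 ;;
    esac
    # find prints the path only when every bit in $mode is set on it.
    [ -n "$(find "$1" -prune -perm "$mode" 2>/dev/null)" ]
}

# audit_locate BINARY DATABASE: prints one line per finding and returns
# the number of findings (0 means both files match the post's setup).
audit_locate() {
    problems=0
    if [ ! -e "$1" ]; then
        echo "MISSING $1"; problems=$((problems + 1))
    elif has_other_perm "$1" x; then
        echo "FAIL $1 is executable by others (fix: sudo chmod o-x $1)"
        problems=$((problems + 1))
    fi
    if [ ! -e "$2" ]; then
        echo "MISSING $2 (database not built yet)"; problems=$((problems + 1))
    else
        for bit in r w; do
            if has_other_perm "$2" "$bit"; then
                echo "FAIL $2 grants o+$bit (fix: sudo chmod o-$bit $2)"
                problems=$((problems + 1))
            fi
        done
    fi
    [ "$problems" -eq 0 ] && echo "OK $1 and $2 are closed to others"
    return "$problems"
}

# Check the paths used in the post only when called with "check".
if [ "${1:-}" = "check" ]; then
    audit_locate /usr/bin/locate /var/db/locate.database
fi
```

The check only inspects mode bits, so it does not need sudo. Running it again after each database rebuild confirms the modes are still what was set above.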

Now you can whizz around your file system locating files like a command line based Sherlock Holmes, using the following command for example...

$ sudo locate php.ini
/private/etc/php.ini.default
$

For more information about locate you can read its manual by running this command in the terminal

$ man locate

I would talk about scheduling the update regularly (it should run weekly but there are some reasons why it may not always do so) but I intend to cover ensuring that certain maintenance tasks are run regularly in a future post in this series. Until then you can run the 'sudo /usr/libexec/locate.updatedb' command manually to update the index of files in the database.

Happy [file] hunting!
