11.2.4 Race Conditions with -print and -print0

The ‘-print’ and ‘-print0’ actions can be used to produce a list of files matching some criteria, which can then be used with some other command, perhaps with xargs. Unfortunately, this means that there is an unavoidable time gap between find deciding that one or more files meet its criteria and the relevant command being executed. For this reason, the ‘-print’ and ‘-print0’ actions are just as insecure as ‘-exec’.

In fact, since the construction

     find ...  -print | xargs ...

does not cope correctly with newlines or other “white space” in file names, and copes poorly with file names containing quotes, the ‘-print’ action is less secure even than ‘-print0’.
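
The following added example (not part of the original manual) builds a scratch directory and counts how many arguments the downstream command receives in each construction. The file names and function names are constructed for the demonstration; it assumes an xargs that supports ‘-0’ and a temporary directory whose path contains no white space.

```sh
#!/bin/sh
# Added example; every file and function name here is constructed.

# Build a scratch tree holding two awkwardly named files; print its path.
make_demo_tree() {
    dir=$(mktemp -d) || return 1
    nl='
'
    : > "$dir/report${nl}old.log"   # name contains a newline
    : > "$dir/my notes.txt"         # name contains a space
    printf '%s\n' "$dir"
}

# Number of arguments the downstream command receives when the list is
# newline-terminated and xargs applies its default white-space splitting.
args_via_print() {
    find "$1" -type f -print | xargs sh -c 'echo "$#"' sh
}

# Same list, NUL-terminated: each file name arrives as exactly one argument.
args_via_print0() {
    find "$1" -type f -print0 | xargs -0 sh -c 'echo "$#"' sh
}

tree=$(make_demo_tree) || exit 1
echo "files on disk:         2"
# Each of the two names is split in two, so four arguments arrive and
# none of them names a file that find actually matched.
echo "arguments via -print:  $(args_via_print "$tree")"
# Two arguments, one per file. This fixes the parsing only; the time gap
# between find's test and the command's execution is still there.
echo "arguments via -print0: $(args_via_print0 "$tree")"
rm -rf "$tree"
```
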