COMMAND

    chklogs

SYSTEMS AFFECTED

    Systems running chklogs.

PROBLEM


    There is a program called chklogs out there, written by D.  Emilio
    Grimaldo T. (root@panama.iaehv.nl). It's a pretty nice perl script
    that uses a config file  for archiving or taking other  actions on
    logfiles if theyr size exesses a predefined limit.

    If You carefully examine it, You will find a lame tempfile bug  in
    it.   When called  with -m  switch (usually  from crontab) it will
    mail the results  to administrator.   /tmp/chklogs.out is used  to
    compose a message.  So the program will gladly overwrite any  file
    in  the  system.   Credit   for  this  discovery  goes  to   Antti
    Andreimann.

SOLUTION

    Do not call chklogs with -m option or don't use it at all.