# How To Securely Use locate.updatedb



## flakblas (Jul 18, 2010)

I'm fairly new to FreeBSD and I'm trying to use locate so I ran locate.updatedb as root. I killed it as soon as I saw this message:

```
>>> WARNING
>>> Executing updatedb as root.  This WILL reveal all filenames
>>> on your machine to all login users, which is a security risk.
```
Is there a best practice that applies here? Is there a specific user I should run this as? I could create a user whose sole purpose is to run this but I don't want to devise my own methods until I know there's not some better way. I've been Googling but unable to find the answer. Thanks.


----------



## wblock@ (Jul 18, 2010)

The periodic scripts run this as user "nobody".  It's easier to just run it that way:

`# /etc/periodic/weekly/310.locate`


----------

