On Mon, 17 Nov 2003, Michael Holt wrote: > What effect does it have? It means you can execute hidden files? If > that's the case, couldn't you do that anyway - if you knew what the > filename was? I suppose just for policy, you would want as few things > in a users path as possible - is that just what it's about?
What having ":.:" (or its equivalent, "::") in your $PATH does is allow the current working directory to be included in any search for executable files. This is (wisely, IMHO) considered to be a security risk, as it can lead to the execution of a file other than the one you had intended, if that file has the same name and the ":.:" appears earlier in the PATH than the directory in which the intended file resides. Obviously, it is *far* more important that such an entry not be part of root's PATH than a user's, but it's a risk in the latter case as well. -- Bill Mullen [EMAIL PROTECTED] MA, USA RLU #270075 MDK 8.1 & 9.0 "In communities where men build ships for their own sons to fish or fight from, quality is never a problem." -- J. A. Dever
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com