On 2009-01-13 20:28 +0100, Daryl Styrk wrote:

> "This is unsafe because you are trusting that your own version of the
> more command works properly. But it is also risky for a more important
> reason: system security. If your PATH is set up in this way, you leave
> open a "hole" that is well known to computer crackers and mischief
> makers: they can install "Trojan horses" and do other things to steal
> files or do damage."


The book in general is not so bad, but this statement, in fact the whole paragraph, is just nonsense.

> There is a scenario that goes on to detail how a user with a suid script
> in their personal bin directory before a public bin. Creating a Trojan
> that looks for a common utility such as grep..

For one thing, the suid bit is ignored for scripts on Linux. And your ~/bin directory should never be writable by other people.

> The example script..
> "cp /bin/bash filename
> chown root filename
> chmod 4755 filename
> /bin/grep "$@"
> rm ~/bin/grep"

Will just not work, unless the user executing the script is root.

> "Sits back and waits for the user to run the suid shell script—which
> calls the Trojan horse, which in turn creates the suid shell and then
> self-destructs."
>
> If you have the book I'm looking at chapter 10. 10.3.2 to be exact.

Do you have the third edition? The second edition which I own does not have sections inside the chapters numbered.

Sven
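
One way to check the point made in the reply above, that a directory on your PATH such as ~/bin must not be writable by other people, shown as an added example that is not part of the original message. The function name `audit_path` and the finding labels are hypothetical; the check also goes slightly beyond the thread by flagging relative and empty PATH entries, which resolve against the current directory.

```shell
#!/bin/sh
# Added example: flag PATH entries where another user could plant a file
# named like a common utility (for instance grep).
# Usage: audit_path "$PATH"
# Prints one line per finding; returns 0 if nothing was flagged, 1 otherwise.
audit_path() (
    # The body runs in a subshell so the IFS and "set -f" changes stay local.
    path_value=$1
    flagged=0

    # A leading, trailing or doubled colon is an empty entry: the current directory.
    case ":$path_value:" in
        *::*) echo "EMPTY-ENTRY: PATH contains an empty entry (current directory)"
              flagged=1 ;;
    esac

    IFS=:
    set -f                          # no filename expansion while splitting
    for dir in $path_value; do
        [ -n "$dir" ] || continue
        case $dir in
            /*) ;;
            *)  echo "RELATIVE: $dir depends on the current directory"
                flagged=1
                continue ;;
        esac
        [ -d "$dir" ] || continue   # entries that do not exist cannot be inspected
        # -L follows symlinks (e.g. /bin -> usr/bin); keep the 10-character mode string.
        mode=$(ls -ldL "$dir" | cut -c1-10)
        case $mode in               # character 6 is the group write bit
            ?????w????) echo "GROUP-WRITABLE: $dir ($mode)"; flagged=1 ;;
        esac
        case $mode in               # character 9 is the write bit for everyone else
            ????????w?) echo "WORLD-WRITABLE: $dir ($mode)"; flagged=1 ;;
        esac
    done
    [ "$flagged" -eq 0 ]
)
```

A group-writable finding is only a problem when the group has members other than you, so check the directory's group before changing anything.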