[EMAIL PROTECTED] (shaul) writes:
There shouldn't be a . in your PATH; even at the end, it's a
security risk.
Why ? How it can be exploited ?
I place a common misspelling of a common command in a directory you
might explore; for example, sl for ls, and wait for you to cd into
that
In [EMAIL PROTECTED], on 10/14/98
at 02:47 PM, Keith Beattie [EMAIL PROTECTED] said:
Personally I'm in the habit of typing ./ when I need to execute
something in the current directory. I've been burned too many times by
writing programs called test and a.out and executing the wrong binary
There shouldn't be a . in your PATH; even at the end, it's a
security risk.
Why ? How it can be exploited ?
On Wed, 14 Oct 1998 23:28:55 +0300, shaul wrote:
There shouldn't be a . in your PATH; even at the end, it's a
security risk.
Why ? How it can be exploited ?
By someone putting an executable in a directory you normally visit
(/home/username anyone?) that does something unexpected.
On: Wed, 14 Oct 1998 23:28:55 +0300 shaul writes:
There shouldn't be a . in your PATH; even at the end, it's a
security risk.
Why ? How it can be exploited ?
Think of a bad guy who places a program sl (rm -rf / ) in all of its
dir, User root working in this dir, and typing sl instead of
shaul wrote:
There shouldn't be a . in your PATH; even at the end, it's a
security risk.
Why ? How it can be exploited ?
A somewhat related story:
When I was taking CS classes in college there was this one student who
many of us suspected of not being entirely honest about the work he
There shouldn't be a . in your PATH; even at the end, it's a
security risk.
Why ? How it can be exploited ?
Simple - I put a program called ls in my home directory of a machine I
want to wreck.
#!/bin/bash
/usr/bin/ls
cd /
rm -r -f
and make it executable. Root cds to my directory to
7 matches
Mail list logo