. in $path
"Gary S. Moss", VLD/VMB
moss at BRL.MIL
Fri Apr 13 02:42:57 AEST 1990
< It is actually sufficient to simply put the . LAST in the root
< path, at least for a "low security" system where you "trust"
< most of your users. In that way, you will always execute the
< real binary first even if a user has left a TH. They can always
< leave mistyped traps (sl for ls, us for su) but their odds of
< success go way down...
It is not necessary to misspell the TH, it is actually very common for a
privileged user to attempt to execute a binary that is not in the default
root search path, it happens all of the time.
< and besides, in a department (as opposed to a "public" facility) who
< is going to try this anyway.
If you trust *everybody* on your system, then you probably aren't reading
this, but otherwise, considering the potential harm, why risk it? How
often do you need to search the current directory? Personally, I leave
"." out of my normal search path, and I can type "./" *real* fast.
More information about the Comp.sys.sgi
mailing list