crontab for ordinary users
Michael Fuller
msf at wren.cs.rmit.OZ.AU
Thu Oct 25 09:50:39 AEST 1990
jeff at onion.pdx.com (Jeff Beadles) writes:
>I believe that you're doing your best to make your system vulnerable to a
>trojan horse attack with a brain-damaged path like this.
> *** DOT SHOULD NEVER BE FIRST IN YOUR PATH. ***
>There are security papers galore that try to beat this into people, but they
>just don't listen. It IS a very good idea though.
>If you don't know why dot is bad in front of your path, send me email telling
>me why you need to know. :-)
Please! Just come out and say it. Having implied that there is a security hole,
you then don't say what it is. Ordinary users such as myself :-)
don't have time or even know quite where to look for the "security papers
galore", but those who _are_ interested in exploiting such
weaknesses will eagerly go off to play. If I knew why it was a bad idea,
I would be *much* less likely to do such a thing. The result now is that
I won't know, and the baddies will :-(. If you must mention a problem,
do so in a way which doesn't disadvantage the very people you are trying
to protect.
> -Jeff
Michael
p.s. Security papers would do a much better job of trying to beat things
into people if they were widely diestributed and publicised.
-------------------------------------------------------------------------------
Michael Fuller, ACSNET: msf at wren.cs.rmit.OZ
Key Center for Knowl. Based Sys., INTERNET: msf at wren.cs.rmit.OZ.AU
RMIT Dept. of Comp. Sci., JANET: msf%au.oz.wren at uk.ac.ukc
GPO BOX 2476 V, BITNET: msf%wren.cs.rmit.OZ.AU at relay.cs.net
Melbourne, 3001, AUSTRALIA UUCP: ..!uunet!wren.cs.rmit.OZ.AU!msf
Phone: +61 3 660 2992 Fax: +61 3 662 1617
More information about the Comp.unix.shell
mailing list