Exporting shell functions into shell files
Snoopy
seifert at hammer.UUCP
Sat Nov 30 13:31:25 AEST 1985
In article <878 at psivax.UUCP> friesen at psivax.UUCP (Stanley Friesen) writes:
> The problem with this is that it creates a serious security
>hole. A user may inadvertantly or maliciously redefine a command used
>by a system shell script changing its behavior radically. A system
>command that suddenly stops using due to some independent action or
>which can be made to do whatever the user wants by tricking it into
>executing the user's program is very dangerous.
How is this different from having your own bin directory, which
is the first bin in your PATH? You can redefine commands that way
too. This security hole is easy to plug. System commands that
call other system commands should use the full pathname, e.g.
/bin/rm, rather than just rm. Of course this means that commands
called by other commands have to stay in a known place, and can't
just float all over the universe.
Snoopy (ECS Ronin #901)
tektronix!tekecs!doghouse.TEK!snoopy
More information about the Comp.unix
mailing list