Date: Wed, 18 Nov 1998 21:05:43 +0100 (CET) From: Jeroen Ruigrok/Asmodai <asmodai@wxs.nl> To: Jonathan Chen <jonc@pinnacle.co.nz> Cc: G578@ix.netcom.com, freebsd-questions@FreeBSD.ORG Subject: Re: C executables Message-ID: <XFMail.981118210543.asmodai@wxs.nl> In-Reply-To: <Pine.SCO.3.96.981119084138.13349B-100000@kiwi.pinnacle.co.nz>
next in thread | previous in thread | raw e-mail | index | archive | help
On 18-Nov-98 Jonathan Chen wrote: > On Wed, 18 Nov 1998, Jeroen Ruigrok/Asmodai wrote: >> On 18-Nov-98 Jonathan Chen wrote: >> And by doing that ye start the slow descent into security compromise. If one >> would have . in their PATH ye are risking to faster execute maliscious code >> than by doing ./name. > > It all comes down to the compromise between security and convenience. > Having the current directory in PATH as root is *ALWAYS* a bad idea, > but as a std. user is mostly fine (and very convenient) if you're > developing applications; and if you ever run a trojan (what were you > doing peeking into other people's directories?), the only person you'd > affect is yourself - system security is *not* compromised. Mayhaps, but as I have learned by now: security can never be put back. Not even at yer home system IMO. That's what started all this virus/trojans stuff on Windows platforms in the first place: user carelessness... Depends, most users log in as root... See my point? I agree on most of yer points, but given what I do for work I would get my arse kicked for allowing PATHs like . =) --- Jeroen Ruigrok van der Werven/Asmodai asmodai(at)wxs.nl | Cum angelis et pueris, Junior Network/Security Specialist | fideles inveniamur *BSD & picoBSD: The Power to Serve... <http://www.freebsd.org>; To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?XFMail.981118210543.asmodai>