From owner-freebsd-questions Thu Dec 21 23:58:26 2000 From owner-freebsd-questions@FreeBSD.ORG Thu Dec 21 23:58:24 2000 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from bazooka.unixfreak.org (bazooka.unixfreak.org [63.198.170.138]) by hub.freebsd.org (Postfix) with ESMTP id 1884737B402 for ; Thu, 21 Dec 2000 23:58:24 -0800 (PST) Received: by bazooka.unixfreak.org (Postfix, from userid 1000) id 5921B3E0C; Thu, 21 Dec 2000 23:58:23 -0800 (PST) Received: from unixfreak.org (localhost [127.0.0.1]) by bazooka.unixfreak.org (Postfix) with ESMTP id 57E303C109; Thu, 21 Dec 2000 23:58:23 -0800 (PST) To: Cliff Sarginson Cc: "Otter" , "FreeBSD Questions" Subject: Re: search order? In-Reply-To: Message from Cliff Sarginson of "Fri, 22 Dec 2000 07:38:37 GMT." Date: Thu, 21 Dec 2000 23:58:18 -0800 From: Dima Dorfman Message-Id: <20001222075823.5921B3E0C@bazooka.unixfreak.org> Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > Which is why, btw, you shouldn't have "." in root's PATH. > In case some scallywag puts a nasty version of .. say "ls" in > some innocent directory, and this happens to be a shell script that > does a "rm -rf *" .. ho ho.. ^^^ That'd wipe out the directory in which that trojan is in. The worst thing I can see happening is if you wiped out /tmp while running some /tmp-intensive application (I can't think of any ATM). Please note, however, that I'm not debating whether having "." in a path is a good idea. You're right; it isn't, and not just for root. Your example didn't show off the dangers very well, though. No offense intended. Regards Dima Dorfman dima@unixfreak.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message