Date: Tue, 2 Jul 2002 12:18:38 +0200 From: Andreas Ntaflos <ant@overclockers.at> To: Matthew Dillon <dillon@apollo.backplane.com> Cc: freebsd-questions@freebsd.org, freebsd-stable@freebsd.org Subject: Re: freetype2?? again! Message-ID: <20020702121838.A44601@Deadcell.ant> In-Reply-To: <200207020449.g624nFDN044861@apollo.backplane.com>; from dillon@apollo.backplane.com on Mon, Jul 01, 2002 at 09:49:15PM -0700 References: <20020702004118.A1105@Deadcell.ant> <20020701191014.E134-100000@gravy.kishka.net> <20020702062113.B1105@Deadcell.ant> <200207020449.g624nFDN044861@apollo.backplane.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Jul 01, 2002 at 09:49:15PM -0700, Matthew Dillon wrote: > Just as a side note, here, you should never put "." in root's path for > security reasons. If you do you may accidently run a tojan that > happens to be in the current directory and named after a common > command like 'ls' (for example if you are examining a user's directory > as root or you are cd'd into /var/tmp). It may be convenient, but it > is far better to get used to typing './BLAH' for things you want to run > from the current directory then to make it automatic and potentially > blow the machine's security. This is true; I did it out of convenience, not worrying about it, since I don't run things as root very often. But I'll put "." out of my path. This also happened to be one of my first "hacks" in a Unix-like OS, years ago now, and I was very proud of figureing out how to avoid that `./blah` thing :) Anyhow, thanks. regards -- Andreas "ant" Ntaflos ant@overclockers.at Vienna, AUSTRIA To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020702121838.A44601>