Date:      Tue, 25 Jun 1996 08:23:11 -0500 (CDT)
From:      Joe Greco <jgreco@brasil.moneng.mei.com>
To:        davidg@root.com
Cc:        gpalmer@FreeBSD.ORG, vince@mercury.gaianet.net, mark@grumble.grondar.za, hackers@FreeBSD.ORG, security@FreeBSD.ORG, chad@mercury.gaianet.net, jbhunt@mercury.gaianet.net
Subject:   Re: I need help on this one - please help me track this guy down!
Message-ID:  <199606251323.IAA07541@brasil.moneng.mei.com>
In-Reply-To: <199606250714.AAA03862@root.com> from "David Greenman" at Jun 25, 96 00:14:37 am

> >No, everyone does NOT have `.' in their paths! I most certainly don't,
> >as I know that it's ALL too easy to have someone break your system
> >security that way. Imagine if you are looking into something as root,
> >and have `.' in your path. You go into someone else's directory, and do
> >a `ls'. All they need is a wrapper program called `ls' in that dir
> >which copies /bin/sh to some directory, chowns it to root, then sets
> >the setuid bit, and THEN exec's ls with the arguments given, and BANG,
> >there goes your system security.
> 
>    Actually, this particular problem can be avoided by putting "." last in
> the search path rather than first.

That's security via stupidity, it is about as much protection as a
windshield made out of plastic wrap.

Most sites do not have commands like "dir", "ren", etc. in /usr/bin or
/usr/local/bin...  (I do by the way), making it easier for an unsuspecting
admin to screw themselves in this way.

My .cshrc, ancient but venerable...

[...]
# System directories only; no "." anywhere in the default search path.
set     path=( /bin /usr/{bin,local/bin,ucb,games} /etc )
[...]
# Per-user additions come from ~/.path.  When running as root ($root is
# set elsewhere in the file, not shown here) any entry containing a "."
# is dropped before it reaches the search path; other users get the
# file as-is.
if ( -r ~/.path ) then
        if ( $root ) then
                set     path=(`grep -v "\." < ~/.path`)
        else
                set     path=(`cat ~/.path`)
        endif
endif
[...]

I for one am more comfortable having to prefix stuff with ./ if I really
want it to do what I mean.

... Joe

-------------------------------------------------------------------------------
Joe Greco - Systems Administrator			      jgreco@ns.sol.net
Solaria Public Access UNIX - Milwaukee, WI			   414/546-7968
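The trap this message describes, as an added shell example: the script below is not from the original message or from anyone's dotfiles. sanitize_path is a hypothetical helper that drops every cwd-relative entry from a colon-separated PATH (it tests each element, so an absolute directory whose name contains a dot survives); run_in_trojan_dir plants a fake "ren" in a scratch directory and runs it under a given PATH. The function names, the choice of "ren" as a command assumed absent from /bin and /usr/bin, and the use of mktemp are this example's own assumptions.

```shell
#!/bin/sh
# Added example, not from the original message. Demonstrates two things
# from the thread: a trojan in the cwd is found whenever "." is in PATH,
# first or last, as soon as the typed name is one the system does not
# provide; and how to strip cwd-relative entries from a PATH string,
# the job the .cshrc above does for root with grep -v.

# sanitize_path PATHSTRING
# Prints PATHSTRING with every entry that resolves relative to the cwd
# removed: ".", "./x", "..", any other relative name, and the empty
# entry ("" as in "/bin::/usr/bin" or a leading/trailing ":"), which
# the shell also treats as the current directory. Only absolute
# entries survive, so a dotted name such as /usr/X11R6.4/bin is kept.
sanitize_path() {
    _rest="$1:"          # trailing ':' terminates the last element
    _out=
    while [ -n "$_rest" ]; do
        _elem=${_rest%%:*}
        _rest=${_rest#*:}
        case "$_elem" in
            /*) _out="${_out:+$_out:}$_elem" ;;   # absolute: keep
            *)  ;;                                 # "", ".", "./x", "x": drop
        esac
    done
    printf '%s\n' "$_out"
}

# run_in_trojan_dir PATHSTRING
# Builds a scratch directory holding an executable called "ren" (a
# DOS-ism assumed not to exist in /bin or /usr/bin on this system),
# cd's into it and runs "ren" with PATHSTRING as the search path.
# Prints whatever the trojan printed; returns its exit status
# (127 when the command was not found).
run_in_trojan_dir() {
    _tmp=$(mktemp -d) || return 1
    printf '#!/bin/sh\necho TROJAN-RAN\n' > "$_tmp/ren"
    chmod 755 "$_tmp/ren"
    if _out=$(cd "$_tmp" && PATH=$1 && ren 2>/dev/null); then
        _st=0
    else
        _st=$?
    fi
    rm -rf "$_tmp"
    printf '%s\n' "$_out"
    return $_st
}

# Usage: "." last in PATH, as suggested in the thread, still runs the
# trojan; the sanitized PATH never looks in the cwd at all.
echo "unsanitized: $(run_in_trojan_dir '/bin:/usr/bin:.')"
echo "sanitized:   $(run_in_trojan_dir "$(sanitize_path '/bin:/usr/bin:.')")"
```

Putting "." last only protects names that some system directory already provides; for a typo or a DOS-ism the lookup falls through to the cwd exactly as it would with "." first.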



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199606251323.IAA07541>