Date: Tue, 25 Jun 1996 15:17:47 GMT From: hal@snitt.com (Hal Snyder) To: security@freebsd.org Subject: The Vinnie Loophole Message-ID: <31cffc6e.1096226166@vogon.trans.sni-usa.com>
next in thread | raw e-mail | index | archive | help
Re: Trojan horse programs that get executed because "." is in PATH somewhere: The fact that this well-known, easily plugged loophole is being rediscovered by new admins (probably daily) suggests that we *could* do something more proactive to keep it from happening. 1. How about adding checks for "." or equivalent in $PATH to /etc/security? Scan for it in .profile, .bashrc, and so forth. This would not catch every offence but would help. 2. At appropriate securelevel, have exec() fail with explanation to syslog if there is no "/" in argv[0]. How much code would [should] this break? Is this a horrible idea?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?31cffc6e.1096226166>