Date: Tue, 25 Jun 1996 12:42:33 -0400 (EDT) From: Jeff Aitken <jaitken@cslab.vt.edu> To: hal@snitt.com (Hal Snyder) Cc: security@freebsd.org Subject: Re: The Vinnie Loophole Message-ID: <199606251642.MAA06642@husky.cslab.vt.edu> In-Reply-To: <31cffc6e.1096226166@vogon.trans.sni-usa.com> from "Hal Snyder" at Jun 25, 96 03:17:47 pm
next in thread | previous in thread | raw e-mail | index | archive | help
> 1. How about adding checks for "." or equivalent in $PATH to > /etc/security? Scan for it in .profile, .bashrc, and so forth. This > would not catch every offense but would help. I can't speak for anyone else, but that would be the first sort of "security check" I would disable (along with the damn message about not logging in as root, but to use 'su'). Useless messages like WARNING: root has "." in their path!!! filling my system logs is *not* what I consider helpful. If you put "." last in the path you should be fine. If you've got "Unix System Administrators" who are trying to use commands like DIR and REN, or are wondering why there isn't a C:\UNIX directory, well, I think you're in trouble anyway :-) -- Jeff Aitken jaitken@cs.vt.edu
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199606251642.MAA06642>