Date: Fri, 14 Feb 1997 09:42:05 -0800 (PST) From: Paul Traina <pst@jnx.com> To: FreeBSD-gnats-submit@freebsd.org Subject: bin/2734: pkg_* uses relative paths to executables Message-ID: <199702141742.JAA16017@base.jnx.com> Resent-Message-ID: <199702141750.JAA18513@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 2734 >Category: bin >Synopsis: pkg_* uses relative paths to executables >Confidential: no >Severity: non-critical >Priority: medium >Responsible: freebsd-bugs >State: open >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Fri Feb 14 09:50:01 PST 1997 >Last-Modified: >Originator: Paul Traina >Organization: Juniper Networks >Release: FreeBSD 2.2-CURRENT i386 >Environment: 2.2 >Description: Relative paths are used throughout pkg_* to spawn executables. This should probably be changed (I'm not going to mention the security implications, because using system is inherantly insecure...actually I will...) >How-To-Repeat: If you try to install something with pkg_add, and /usr/sbin isn't in your path, it won't find chown. >Fix: Actually, the easiest fix (and best fix) would be to modify PATH at the start to include all dependant locations. While we're in there, fixing IFS might also make sense from a security standpoint. >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199702141742.JAA16017>