Date: Tue, 25 Jun 1996 00:14:37 -0700 From: David Greenman <davidg@root.com> To: "Gary Palmer" <gpalmer@FreeBSD.ORG> Cc: -Vince- <vince@mercury.gaianet.net>, Mark Murray <mark@grumble.grondar.za>, hackers@FreeBSD.ORG, security@FreeBSD.ORG, Chad Shackley <chad@mercury.gaianet.net>, jbhunt <jbhunt@mercury.gaianet.net> Subject: Re: I need help on this one - please help me track this guy down! Message-ID: <199606250714.AAA03862@root.com> In-Reply-To: Your message of "Tue, 25 Jun 1996 07:58:32 BST." <29209.835685912@palmer.demon.co.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
>-Vince- wrote in message ID ><Pine.BSF.3.91.960624232727.21697c-100000@mercury.gaianet.net>: >> Hmmm, doesn't everyone have . as their path since all . does is allow >> someone to run stuff from the current directory... > >No, everyone does NOT have `.' in their paths! I most certainly don't, >as I know that it's ALL to easy to have someone break your system >security that way. Imagine if you are looking into something as root, >and have `.' in your path. You go into someone elses directory, and do >a `ls'. All they need is a wrapper program called `ls' in that dir >which copies /bin/sh to some directory, chowns it to root, then sets >the setuid bit, and THEN exec's ls with the arguments given, an BANG, >there goes your system security. Actually, this particular problem can be avoided by putting "." last in the search path rather than first. -DG David Greenman Core-team/Principal Architect, The FreeBSD Project
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199606250714.AAA03862>