Date: Wed, 10 Jan 1996 16:13:50 +1100 (EST) From: Anthony Hill <ahill@interconnect.com.au> To: David Brockus <dbrockus@cyberhall.com> Cc: FreeBSD questions <questions@freebsd.org> Subject: Re: Paths in FreeBSD Message-ID: <Pine.BSI.3.91.960110155447.18958F-100000@tulpi.interconnect.com.au> In-Reply-To: <Pine.BSF.3.91.960109141015.7219A-100000@cyber1.cyberhall.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 9 Jan 1996, David Brockus wrote: > I am running FreeBSD 2.0.5R. I have a problem with the path settings. > I have a prolem with directories that are not in the path. I can not > execute a files in those directories by just typing thier name. I must > type > > ./ > > to indicate the current directory and then type the file name. > > Adding "." to the path in the .cshrc file seems to fix this but I get > this error message > > Warning: exported path contains relative components. > > I was wondering what the correct solutions is? Thanks in advance Typing ./ before the command is the correct solution. Adding . to roots path is a definate big security risk. An anonymous FTP user could easily trick you into executing a script that would give him full root access to you machine by nameing the script something like "ls" and copying somewhere he does have write permission. (typically /tmp). Next time you do an "ls" in /tmp, you system gets a new root user. The ./ ensures you are executing the command you expected to. Roots path should never contain a directory other non-su'ed users ever have write permissions to. Try to avoid using root as much as possible anyway. (This stuff should be in the FAQ/handbook - newbies getting hacked because they lack basic info like this will eventually get FreeBSD a bad name as far as security goes.)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSI.3.91.960110155447.18958F-100000>