From owner-freebsd-current Wed Oct 9 23:04:05 1996
Return-Path: owner-current
Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id XAA22310 for current-outgoing; Wed, 9 Oct 1996 23:04:05 -0700 (PDT)
Received: from grumble.grondar.za (root@grumble.grondar.za [196.7.18.130]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id XAA22272 for ; Wed, 9 Oct 1996 23:04:01 -0700 (PDT)
Received: from grumble.grondar.za (mark@localhost.grondar.za [127.0.0.1]) by grumble.grondar.za (8.7.6/8.7.3) with ESMTP id IAA12278; Thu, 10 Oct 1996 08:03:29 +0200 (SAT)
Message-Id: <199610100603.IAA12278@grumble.grondar.za>
To: Veggy Vinny
cc: Warner Losh , current@FreeBSD.org
Subject: Re: /usr/bin/install in -current broken
Date: Thu, 10 Oct 1996 08:03:29 +0200
From: Mark Murray
Sender: owner-current@FreeBSD.org
X-Loop: FreeBSD.org
Precedence: bulk

Veggy Vinny wrote:
> Hmmm, is moving the '.' to the last component in the path still a
> security risk? I guess you are right that I don't want to have it in
> root's path but I guess as the last component it should be okay since no
> one can name something with the same name and have me run it... =)

Of course. All someone has to do is name a script/trojan/whatever as
anything that is commonly mistyped to get you.

How often do you type (for instance)

	l s-al for ls -al
	fin or fnid for find

etc?

This leaves (in these cases) l, fin and fnid open for an attacker.

M

--
Mark Murray
46 Harvey Rd, Claremont, Cape Town 7700, South Africa
+27 21 61-3768 GMT+0200
Finger mark@grondar.za for PGP key
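
An audit for the situation discussed in this message, added here as an example and not part of the original post: it flags every PATH component that resolves to the current directory, then lists the executables in a directory that only such a component would run. The function names `audit_path` and `cwd_only_commands` are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original message); function names are hypothetical.

# audit_path PATHSTRING: print "<position>: <reason>" for every component
# that makes the shell search the current directory. Returns 1 if any found.
audit_path() {
    rest="$1:"          # sentinel colon keeps a trailing empty component
    position=0
    flagged=0
    while [ -n "$rest" ]; do
        entry=${rest%%:*}
        rest=${rest#*:}
        position=$((position + 1))
        case $entry in
            /*) continue ;;
            "") reason="empty component, searched as the current directory" ;;
            .)  reason="'.', the current directory" ;;
            *)  reason="relative directory '$entry'" ;;
        esac
        echo "$position: $reason"
        flagged=1
    done
    return "$flagged"
}

# cwd_only_commands DIR PATHSTRING: print executables in DIR whose names no
# absolute PATH directory provides. With '.' last in the path, these are
# exactly the names that would run from DIR, e.g. a file called "fnid".
cwd_only_commands() {
    for file in "$1"/*; do
        if [ ! -f "$file" ] || [ ! -x "$file" ]; then continue; fi
        name=${file##*/}
        found=0
        rest="$2:"
        while [ -n "$rest" ]; do
            entry=${rest%%:*}
            rest=${rest#*:}
            case $entry in
                /*) if [ -x "$entry/$name" ]; then found=1; fi ;;
            esac
        done
        if [ "$found" -eq 0 ]; then echo "$name"; fi
    done
}

# Audit the caller's PATH, then the current directory against it.
audit_path "$PATH" || echo "PATH searches the current directory"
cwd_only_commands . "$PATH"
```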