Date: Wed, 24 Jul 1996 08:37:35 -0400 From: Branson Matheson <branson@widomaker.com> To: Red Barchetta <paradox@pegasus.rutgers.edu> Cc: freebsd-questions@freebsd.org Subject: Re: ["Ian Kallen" <ian@gamespot.com>: Re: Install Q& A] Message-ID: <199607241237.IAA28762@garion.hq.ferg.com> In-Reply-To: Your message of "Wed, 24 Jul 1996 07:59:07 EDT." <CMM-RU.1.5.838209547.paradox@pegasus.rutgers.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
-------- ( Heh must be a rush fan .. can't wait until Sept. 3! ) Red Barchetta uttered with conviction: >Subject: Re: Install Q& A > >> Is . in your path? A lot of folks consider it bad s ysadmin >> practive to have it so and to precede all commands outside th eir >> path with full paths or relative paths (i.e. from /stand run it as >> ./sysinstall). > Why is this considered bad practice? (shudder) ... let me give you an example... User A says that he cannot read a file in his home area... you cd to his home area and type 'ls'. you note that the permissions on the file were 111 and send him mail saying he needs to change his permissions. You then go about your business thinking every thing is ok... but what really happened is that the user had created an executable in his home directory called 'ls' and since '.' was in your path before /bin, you executed the local one. And the local one copyied /bin/sh to ~A/.tmp and made it setuid, and then erased the offending copy in the local directory and then executed the _real_ ls with the flags you specified. Now the user has root access. Suprise. This is one of the simplest examples.. there are better ones ;-). -branson ============================================================================= Branson Matheson | Ferguson Enterprises | If Pete and Repeat were System Administrator | W: (804) 874-7795 | sittin on a fence and Pete Unix, Perl, WWW | branson@widomaker.com | fell off, who is left?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199607241237.IAA28762>