From owner-freebsd-questions Wed Jul 24 10:08:57 1996 Return-Path: owner-questions Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id KAA01247 for questions-outgoing; Wed, 24 Jul 1996 10:08:57 -0700 (PDT) Received: from who.cdrom.com (who.cdrom.com [204.216.27.3]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id KAA01242 for ; Wed, 24 Jul 1996 10:08:56 -0700 (PDT) Received: from garion.hq.ferg.com (pm1-12.wmbg.widomaker.com [204.17.220.112]) by who.cdrom.com (8.6.12/8.6.11) with ESMTP id KAA03565 for ; Wed, 24 Jul 1996 10:08:53 -0700 Received: from localhost.hq.ferg.com (localhost.hq.ferg.com [127.0.0.1]) by garion.hq.ferg.com (8.6.12/8.6.12) with SMTP id IAA28762; Wed, 24 Jul 1996 08:37:35 -0400 Message-Id: <199607241237.IAA28762@garion.hq.ferg.com> X-Authentication-Warning: garion.hq.ferg.com: Host localhost.hq.ferg.com didn't use HELO protocol From: Branson Matheson To: Red Barchetta cc: freebsd-questions@freebsd.org Subject: Re: ["Ian Kallen" : Re: Install Q& A] In-reply-to: Your message of "Wed, 24 Jul 1996 07:59:07 EDT." Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Wed, 24 Jul 1996 08:37:35 -0400 Sender: owner-questions@freebsd.org X-Loop: FreeBSD.org Precedence: bulk -------- ( Heh must be a rush fan .. can't wait until Sept. 3! ) Red Barchetta uttered with conviction: >Subject: Re: Install Q& A > >> Is . in your path? A lot of folks consider it bad s ysadmin >> practive to have it so and to precede all commands outside th eir >> path with full paths or relative paths (i.e. from /stand run it as >> ./sysinstall). > Why is this considered bad practice? (shudder) ... let me give you an example... User A says that he cannot read a file in his home area... you cd to his home area and type 'ls'. you note that the permissions on the file were 111 and send him mail saying he needs to change his permissions. You then go about your business thinking every thing is ok... but what really happened is that the user had created an executable in his home directory called 'ls' and since '.' was in your path before /bin, you executed the local one. And the local one copyied /bin/sh to ~A/.tmp and made it setuid, and then erased the offending copy in the local directory and then executed the _real_ ls with the flags you specified. Now the user has root access. Suprise. This is one of the simplest examples.. there are better ones ;-). -branson ============================================================================= Branson Matheson | Ferguson Enterprises | If Pete and Repeat were System Administrator | W: (804) 874-7795 | sittin on a fence and Pete Unix, Perl, WWW | branson@widomaker.com | fell off, who is left?