Nick R on Fri, 3 Sep 1999 11:13:15 -0400 (EDT)



Re: [Plug] RE: Path


Not really. If you type ls it first looks at the path statement. That's a security feature (in the real sense of the word, not the M$ sense) so that people can't do that. You'd have to type ./ls in order to fall for that trap & there's no reason to do that. You can try it for yourself. Just make a blank ls file.

       -Laktar, a.k.a. Nick Rosen, laktar.dyndns.org


If I Ever Became An Evil Overlord:
19. I will not have a daughter. She would be as beautiful as she was evil, but
one look at the hero's rugged countenance and she'd betray her own father.
-- Peter's Evil Overlord List, http://www.eviloverlord.com/lists/overlord.html



From: Hugh Brock <hbrock@ibm.net>
Reply-To: plug@lists.nothinbut.net
To: plug@lists.nothinbut.net
Subject: Re: [Plug] RE: Path
Date: Fri, 03 Sep 1999 10:20:09 -0400

In general, if I'm not mistaken, you don't want much in the search path
for the superuser, if for no other reason than that you want to get in
the habit of typing the full path for every command you run as root
(e.g. "/bin/ls", not just "ls").

Why? If an attacker was able to gain normal-user status on your system,
she could plant a trojan-horse "ls" (for example) in the compromised
user's home directory that emails /etc/passwd to an address in Botswana,
or something worse. Then when you go to that directory as root and type
"ls", which you will probably do at some point, the trojan horse ls gets
executed with root privileges. If, on the other hand, you type /bin/ls,
nothing happens other than that you wonder "hey, what's this 'ls' doing
in joe user's home directory?"

(See 'Practical Unix and Internet Security' for more... best $40 I ever
spent...)

--Hugh

_______________________________________________
Plug maillist  -  Plug@lists.nothinbut.net
http://lists.nothinbut.net/mail/listinfo/plug



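The trap Hugh describes, and the PATH condition Nick's reply turns on, as an added example that is not part of the thread. It assumes a POSIX sh on a Unix-like system with mktemp, id and /bin/sh available; the "home directory" and the planted ls are constructed by the script itself. It runs plain "ls" from inside the trap directory under a PATH that contains "." and under one that does not, then runs ls by full path, and finishes with a small audit that reports the PATH entries (empty, "." or relative) that make the attack possible.

```shell
#!/bin/sh
# Added example, not code from the thread: the "trojan ls" attack driven by
# the shell's PATH lookup, plus the PATH audit a cautious admin would run.
# Every directory and file name here is constructed for the demo.

# Locate the genuine ls once, independent of whatever PATH the caller has.
REAL_LS=$(PATH=/usr/bin:/bin; command -v ls)

# Create a throwaway "home directory" holding a fake ls. A real attacker's
# version would do its mischief quietly and then exec the real ls so the
# victim sees a normal listing; ours just announces who ran it and where.
make_trap_dir() {
    d=$(mktemp -d) || return 1
    printf '%s\n' '#!/bin/sh' 'echo "TROJAN ls ran as $(id -un) in $PWD"' > "$d/ls"
    chmod 755 "$d/ls"
    printf '%s\n' "$d"
}

# Type a command the way the victim would, from inside the trap directory,
# under a given PATH. A fresh /bin/sh does the lookup so no command hash
# from this script interferes. Prints "trojan" if the planted ls ran,
# "real" otherwise.
run_from_trap() {
    dir=$1; victim_path=$2; cmd=$3
    out=$(cd "$dir" && PATH=$victim_path /bin/sh -c "$cmd" 2>/dev/null)
    case $out in
        *TROJAN*) echo trojan ;;
        *)        echo real ;;
    esac
}

# Audit: print each element of the given PATH string that lets the attack
# work. An empty element (leading, trailing or doubled colon) and "." both
# mean the current directory and are reported as "<cwd>"; any other
# relative entry is printed as-is, since it is resolved against the cwd too.
risky_path_entries() {
    printf '%s\n' "$1" | tr ':' '\n' | while IFS= read -r entry; do
        case $entry in
            ''|.) printf '%s\n' '<cwd>' ;;
            /*)   ;;                          # absolute entry: fine
            *)    printf '%s\n' "$entry" ;;   # relative entry: risky
        esac
    done
}

# Demo, as the victim would experience it.
trap_dir=$(make_trap_dir)
echo "sloppy PATH, plain ls:     $(run_from_trap "$trap_dir" ".:/usr/bin:/bin" ls)"
echo "sane PATH, plain ls:       $(run_from_trap "$trap_dir" "/usr/bin:/bin" ls)"
echo "sloppy PATH, full path ls: $(run_from_trap "$trap_dir" ".:/usr/bin:/bin" "$REAL_LS")"
echo "risky entries in .:/usr/bin:/bin ->"
risky_path_entries ".:/usr/bin:/bin"
rm -rf "$trap_dir"
```

The two replies in the thread are each right for a different PATH: with "." (or an empty element) absent, typing "ls" resolves to the system binary no matter which directory you are standing in, which is Nick's point; with "." present, the planted file wins, which is Hugh's. The full-path form is immune either way, and the audit function is the quick check to run against root's PATH before deciding how much to worry.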