Mysterious security hole
eric.a.olson
junk1 at cbnews.cb.att.com
Sun Jun 23 22:57:03 AEST 1991
In article <JC.91Jun22234051 at raven.bu.edu> jc at raven.bu.edu (James Cameron) writes:
>>>>>> On 22 Jun 91 22:06:35 GMT, mcmahan at cs.unca.edu (Scott McMahan) said:
>
>Scott> In article <1991Jun21.203054.989 at serval.net.wsu.edu> yeidel at tomar.accs.wsu.edu (Joshua Yeidel) writes:
>>>The example of having something in / is bad for obvious reasons. But
>>>what about /tmp? A script named say "la" (common typo of "ls") which
>>>does a chmod 777 /, sends mail to the person and then echos
>>>"la: Command not found" would do the job nicely.
>>
>>Is /tmp in your path? Why?
>
>Scott> I wondered that myself.
>
>
>Why, we were talking about '.' being in your path. So, if your
>current directory is /tmp and even if '.' is last in your
>path....
>
>You figure out the trojan horse here...
>
>jc

No, I thought we were talking about using *reasonable* security
measures, especially when running as root. Jamie Mason voiced
my sentiments:

> In fact only *ever* execute commands as root that you really
>*have to*. Su to an appropriate, weaker, userid to do anything else.
>AND put "." last in the path, if at all.

The scenarios posted by various individuals assume at least one
of the following:

1. A system directory in root's PATH is left writeable
2. Root is foolish or inexperienced enough to do more
   than what absolutely *requires* root privilege
3. Root is foolish or inexperienced enough to cd to do:
       cd dir; ls
   rather than
       ls dir
   hmmph. probably also does 'pwd' to make sure the 'cd' worked.

I'm not advocating putting '.' in root's path. I don't. But that's
because I fear unexpected consequences of running *any* random commands
as root, not because I fear that somebody might leave a trojan horse in
a directory.
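
Added example, not part of the original post: the PATH conditions discussed in this thread ('.' or an empty entry, a relative entry, a directory in the search path that others can write to) can be checked mechanically. The function name `audit_path` and its output labels are made up for this example.

```shell
#!/bin/sh
# audit_path PATHSTRING   (hypothetical helper, written for this example)
# Prints one line per PATH entry that lets someone other than the owner
# decide what a bare command name runs. Returns 1 if anything was found.
audit_path() {
    ap_rest=$1:     # trailing ":" so the loop also sees a final empty entry
    ap_bad=0
    while [ -n "$ap_rest" ]; do
        ap_dir=${ap_rest%%:*}      # first entry
        ap_rest=${ap_rest#*:}      # everything after it
        case $ap_dir in
            ''|.)
                # An empty entry means the current directory, same as ".".
                echo "CWD '$ap_dir' searches whatever directory you are in"
                ap_bad=1; continue ;;
            /*) ;;
            *)
                echo "RELATIVE $ap_dir is resolved against the current directory"
                ap_bad=1; continue ;;
        esac
        [ -d "$ap_dir" ] || continue
        # -L follows symlinks so the mode is that of the real directory.
        ap_mode=$(ls -ldL "$ap_dir" | cut -c1-10)
        case $ap_mode in
            ?????w*|????????w*)
                # Group- or other-writable, sticky bit or not (e.g. /tmp).
                echo "WRITABLE $ap_dir ($ap_mode)"
                ap_bad=1 ;;
        esac
    done
    return "$ap_bad"
}

# Stand-alone use: sh audit_path.sh "$PATH"
if [ "$#" -gt 0 ]; then audit_path "$1"; fi
```

Run it from root's own login environment, since that is the PATH that matters here.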