Mysterious security hole
Michael Ewan
mike at raven.bv.tek.com
Thu Jun 20 03:12:07 AEST 1991
In article <91161.131540SCHDAVZ at YaleVM.YCC.Yale.Edu>, SCHDAVZ at YaleVM.YCC.Yale.Edu (Dave Schweisguth) writes:
|>
|> The 'login' command initializes PATH with (among other useful directories)
|> '.'. 'su' leaves '.' out. A footnote to a Unix book I have here hints at a
|> security hole involving the _position_ of '.' in PATH, claiming that having
|> '.' first is dangerous. It doesn't say why.
|> These add up to something screwy with '.'. Can someone explain why root/
|> Joe User ought/ought not have '.' in his/her path, and if so should it be
|> first, last, or anywhere, and (this is the good part) why? The system is an
|> SGI Personal Iris, IRIX v3.3.2, if it matters.
Having . in your path (especially root's) is dangerous because someone could put
a trojan horse program in / (or your home dir) that would execute instead of the
system command of the same name. For example: someone could put a command in / and
call it 'ls', that was actually a shell script that did 'rm -fr /'; you'd have a real
problem. So if you have . in your path you put it last so destructive shell
scripts can't masquerade as system commands. That is, you'll get /bin/ls instead
of ./ls.
Mike
--
Michael Ewan (503)627-6468 Internet: mike at tekgen.BV.TEK.COM
Unix Systems Support UUCP: ...!uunet!tekgen.bv.tek.com!mike
Tektronix, Inc. Compuserve: 73747,2304
"Fig Newton: The force required to accelerate a fig 39.37 inches/sec."--J. Hart
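The lookup order described in the reply above, as an added example that is not part of the original post: `resolve` emulates the shell's PATH search against a given directory, and `audit_path` lists the entries of a PATH string that depend on the current directory. The function names and any sample paths are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: emulate the shell's PATH search so the effect of '.' can be
# checked without running anything. Function names here are hypothetical.

# resolve NAME PATHSTRING CWD -> prints the file NAME would resolve to
resolve() {
    name=$1 rest="$2:" cwd=$3
    while [ -n "$rest" ]; do
        entry=${rest%%:*}
        rest=${rest#*:}
        case $entry in
            ''|.) dir=$cwd ;;          # an empty entry also means current directory
            /*)   dir=$entry ;;
            *)    dir=$cwd/$entry ;;   # relative entry, resolved against cwd
        esac
        if [ -f "$dir/$name" ] && [ -x "$dir/$name" ]; then
            echo "$dir/$name"
            return 0
        fi
    done
    return 1
}

# audit_path PATHSTRING -> one "position:entry" line per entry that depends on cwd
audit_path() {
    rest="$1:" idx=0
    while [ -n "$rest" ]; do
        entry=${rest%%:*}
        rest=${rest#*:}
        idx=$((idx + 1))
        case $entry in
            '') echo "$idx:(empty)" ;;   # leading, trailing or doubled ':'
            /*) ;;                       # absolute entries are independent of cwd
            *)  echo "$idx:$entry" ;;    # '.' and any other relative entry
        esac
    done
}

# Audit the caller's own PATH when the script is run directly.
audit_path "$PATH"
```

With '.' last, `resolve` still returns a file from the current directory for any name that no earlier PATH directory provides, such as a mistyped command, so a trailing '.' protects only names that exist earlier in PATH.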