dot in path (was Re: Mysterious security hole)
Chuck Karish
karish at mindcraft.com
Sat Jun 22 03:41:17 AEST 1991
In article <1991Jun20.023256.12713 at gpu.utcs.utoronto.ca>
jmason2 at gpu.utcs.utoronto.ca (Jamie Mason) writes:
|In article <1991Jun19.191124.20380 at cs.utk.edu| Dave Sill <de5 at ornl.gov| writes:
||Now suppose the user calls up the system administrator, who is known
||to remain su'd to root most of the time, and requests help with make...
| Of course, the administrator's mistake was *not* that he had "."
|in his path. His mistake was that he helped a user with a problem with
|their personal files *as root*. What he/she should have done is su'ed to
|the user with the problem, then used *that* shell to solve the problem.
|Remember that root can su to anyone *without* entering a password. By
|poking around the user's files *AS THE USER*, there is no chance of
|accidentally executing something nasty as root.
I don't think this is true on systems that support saved-set-user-ID.
A Trojan horse program could su back to root under some circumstances.

It's often worth trying to reproduce a problem from several different
logins. Problems caused by user environment settings can be
difficult to diagnose.
--
Chuck Karish karish at mindcraft.com
Mindcraft, Inc. (415) 323-9000
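
The condition raised in the reply above can be checked on a running process. The following is an added example, not part of the original post: it assumes a Linux system, where `/proc/<pid>/status` lists the real, effective and saved UIDs on its `Uid:` line, and reports whether a process that is running unprivileged still holds UID 0 as its real or saved ID. The names `parse_uid_line`, `can_regain_root` and `check_pid` are made up for this example.

```c
#include <stdio.h>
#include <string.h>

struct uids { long real, effective, saved; };

/* Parse the "Uid:" line of /proc/<pid>/status text; its first three
 * fields are the real, effective and saved UIDs. Returns 0 on success. */
int parse_uid_line(const char *status, struct uids *out)
{
    const char *p = status;
    while (p && *p) {
        if (strncmp(p, "Uid:", 4) == 0)
            return sscanf(p + 4, "%ld %ld %ld", &out->real,
                          &out->effective, &out->saved) == 3 ? 0 : -1;
        p = strchr(p, '\n');            /* advance to the next line */
        if (p)
            p++;
    }
    return -1;
}

/* Nonzero when the process runs unprivileged but still holds UID 0 as its
 * real or saved ID, so it can set its effective UID back to root. */
int can_regain_root(const struct uids *u)
{
    return u->effective != 0 && (u->real == 0 || u->saved == 0);
}

/* pid is a decimal PID or "self". Returns 1, 0, or -1 on error. */
int check_pid(const char *pid)
{
    char path[64], buf[4096];
    struct uids u;
    size_t n;
    FILE *f;

    snprintf(path, sizeof path, "/proc/%s/status", pid);
    if ((f = fopen(path, "r")) == NULL)
        return -1;
    n = fread(buf, 1, sizeof buf - 1, f);
    fclose(f);
    buf[n] = '\0';
    return parse_uid_line(buf, &u) == 0 ? can_regain_root(&u) : -1;
}

int main(int argc, char **argv)
{
    printf("%d\n", check_pid(argc > 1 ? argv[1] : "self"));
    return 0;
}
```

Run against the PID of the shell obtained after switching to the user: a result of 1 means that shell, and anything it executes, can still return to root.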