[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Why isn't . in the path? (Was: nmbd problems...)

To: _azure <azure@gh0st.net>
Subject: Re: Why isn't . in the path? (Was: nmbd problems...)
From: Scott Roy Atwood <atwood@cs.stanford.edu>
Date: Fri, 26 Jan 2001 08:41:01 -0800
Cc: Rakhesh Sasidharan <rakhesh@cse.iitd.ernet.in>, misc@openbsd.org
Content-Disposition: inline
References: <87u26mn9as.fsf@kaka.blahonga.org> <Pine.LNX.4.10.10101261343580.14838-100000@localhost.localdomain> <20010126081211.A21072@gh0st.net>
User-Agent: Mutt/1.2.5i

* _azure <azure@gh0st.net> [010126 14:12]:
> 
> On the other hand, . is usually listed last when it's in the path.  As 
> long as the original programs are still in place, it should never *get*
> to check /usr/local or . for the stock binaries.

But a clever hacker would use binaries named "sl" or "mr", which are
common misspellings of common commands.  These would *not* be picked up
by stock binaries in the rest of your path, but *would* be picked up by
"." if you were in the directory that contained them.

-- 
Scott Atwood
atwood@cs.stanford.edu

Follow-Ups:
- Re: Why isn't . in the path? (Was: nmbd problems...)
  - From: Rakhesh Sasidharan <rakhesh@cse.iitd.ernet.in>
- Re: Why isn't . in the path? (Was: nmbd problems...)
  - From: _azure <azure@gh0st.net>

References:
- Re: Why isn't . in the path? (Was: nmbd problems...)
  - From: Artur Grabowski <art@blahonga.org>
- Re: Why isn't . in the path? (Was: nmbd problems...)
  - From: Rakhesh Sasidharan <rakhesh@cse.iitd.ernet.in>
- Re: Why isn't . in the path? (Was: nmbd problems...)
  - From: _azure <azure@gh0st.net>

Prev by Date: Re: init: really dumb question
Next by Date: Re: Why isn't . in the path? (Was: nmbd problems...)
Prev by thread: Re: Why isn't . in the path? (Was: nmbd problems...)
Next by thread: Re: Why isn't . in the path? (Was: nmbd problems...)
Index(es):
- Date
- Thread