[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: small patch to etc/skel/dot.cshrc
On Tue, Feb 17, 2004 at 06:45:54PM -0500, Chris Jepeway wrote:
> [ moved to misc@, perhaps presumptiously ]
> > [ . in PATH ] is not a security issue, if that what you are thinking, because
> > the paths are searched in order. all the normal binary directories are
> > listed first, so no one can slip you a trojaned 'ls' or whatever in the
> > current directory.
> OK, what about "sl"? Or "fnid"? Or "tpcdump"?
> Or, heck, what about "ethereal" if you don't
> have it installed on the machine where you're
Exactly. That's the point that this old FAQ entry makes as well
(last updated 1996):
Typing ./ is a habit you get into fairly quickly, just like
typing 'sudo' in front of commands instead of logging in as root
or using 'su'.
Andreas Kähäri |()()|
East Anglia |()()|