Date: Wed, 18 Apr 2001 15:39:11 -0500
Gavin Scott wrote:
>If you add '.' to the *end* of your path, then you can't override any
>executables that exist in standard locations on your PATH because they will
>be found *before* any trojan horses that may have wandered into your
>working directory.

There's one case where this CAN override standard executables. Certain mistakes
are common on Unix (or Posix) systems. For instance, ls -l is often mistyped as
ls-l by people in a hurry who get a little fumble-fingered. (I use this command
quite often and avoid this problem by aliasing 'ls -l' as ll, which also saves
me a few keystrokes.) It's an old trick for a malicious user to name a trojan
(or other dangerous program) ls-l and put it in a publicly accessible directory.
The first time someone with '.' at the end of their PATH makes the ls-l mistake
in that directory, the trojan gets executed. There are other common mistakes
(like co instead of cp, or cd\ to catch those DOS users who meant to type cd /)
that can be used as names for 'bad' programs.

Wayne

* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *
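
An audit for the situation discussed in the message above, as an added example that is not part of the original post: it reports PATH entries that make the shell search the working directory, and lists the executables in a directory that only such an entry would ever run. The function names path_cwd_entries and cwd_only_commands are hypothetical, and the check goes slightly beyond the thread by also flagging empty and relative PATH elements, which behave like '.'.

```shell
#!/bin/sh
# Added example: audit PATH for entries that search the working directory.

# path_cwd_entries PATHSTRING
# Prints "<position>: <reason>" per risky entry; returns 1 if any is found.
path_cwd_entries() {
    rest="$1:"          # trailing ':' keeps a final empty element visible
    pos=0
    found=0
    while [ -n "$rest" ]; do
        entry=${rest%%:*}
        rest=${rest#*:}
        pos=$((pos + 1))
        case $entry in
            '') echo "$pos: empty element (searched as current directory)"; found=1 ;;
            .)  echo "$pos: '.' (current directory)"; found=1 ;;
            /*) ;;      # absolute directory: not affected
            *)  echo "$pos: relative entry '$entry'"; found=1 ;;
        esac
    done
    return "$found"
}

# cwd_only_commands DIR PATHSTRING
# Prints executables in DIR that no absolute PATH directory provides, i.e. the
# names (such as a mistyped "ls-l") that only a '.' entry would run from DIR.
cwd_only_commands() {
    for f in "$1"/*; do
        if [ ! -f "$f" ] || [ ! -x "$f" ]; then continue; fi
        name=${f##*/}
        rest="$2:"
        shadowed=0
        while [ -n "$rest" ]; do
            entry=${rest%%:*}
            rest=${rest#*:}
            case $entry in
                /*) if [ -f "$entry/$name" ] && [ -x "$entry/$name" ]; then shadowed=1; fi ;;
            esac
        done
        if [ "$shadowed" -eq 0 ]; then echo "$name"; fi
    done
    return 0
}

# Report on the caller's own PATH and working directory.
path_cwd_entries "$PATH" || cwd_only_commands . "$PATH"
```
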