Subject: Re: '.' in your path & security (was: breakage?)
To: NetBSD-current Users's Discussion List <>
From: Greg A. Woods <>
List: current-users
Date: 03/27/2007 18:08:51
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: quoted-printable

At Mon, 26 Mar 2007 22:13:41 +0100, David Laight wrote:
Subject: Re: breakage?
> On Sun, Mar 25, 2007 at 10:33:25PM -0500, Brian A. Seklecki wrote:
> > There's always the possibility you're $PWD is a og+w bit
> > (/tmp, /var/tmp) and someone slips in an executable shell script there
> > for a command you might type that isn't located in $PATH yet.

(/tmp and /var/tmp should be mounted with "-o noexec,nodev" of course)

> Indeed, so if you run as root, with '.' in your $PATH, on a system
> where other people might put stuff into odd directories, you are stupid.


The same rule about relative paths in $PATH should also apply those who
who use "su" to attain other privileges, especially superuser
privileges, i.e. don't use relative PATH elements under your normal
user-ID either!

> There are a lot of other ways a root user can shoot themselves in the foo=

How true!

						Greg A. Woods

H:+1 416 218-0098 W:+1 416 489-5852 x122 VE3TCP RoboHack <>
Planix, Inc. <>       Secrets of the Weird <>

Content-Type: application/pgp-signature
Content-Transfer-Encoding: 7bit

Version: PGPfreeware 5.0i for non-commercial use
MessageID: 2zUZYRSh0J50CgqwrvNdMFz1KAcCsSs2