--pgp-sign-Multipart_Sat_Sep_29_16:37:16_2007-1
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: quoted-printable

At Sat, 29 Sep 2007 18:00:18 +0200 (CEST), Magnus Eriksson wrote:
Subject: /usr/local in PATH
>=20
> On Sat, 29 Sep 2007, Steven M. Bellovin wrote:
>=20
> > I do not agree that it's a hole.  I think it's correct to
> > include /usr/local in default paths -- /usr/local/bin for
>=20
>    I should probably explain the scenario I'm seeing here.  My concern is=
=20
> that a bug in a suid program will allow the directory /usr/local/bin to b=
e=20
> created, with permissions such that a malicious user can put his own=20
> binaries there.  Then the next time root types "sl" instead of "ls" you'r=
e=20
> screwed.

I really can't see why you think that /usr/local/bin is in any way
special here.  It's no different, risk or threat-wise, than /bin or
/usr/bin or any other directory that already exists and is already
listed in root's default $PATH setting.

I.e. having /usr/local/bin exist as a directory by default (with the
appropriate ownership and permissions of course), and be listed in
root's default $PATH, is no more of a risk than having /usr/bin or /bin
(or /sbin or /usr/sbin) exist and be listed in root's default $PATH.

There is no new threat here, never mind any increased risk from one.

--=20
						Greg A. Woods

H:+1 416 218-0098 W:+1 416 489-5852 x122 VE3TCP RoboHack <woods@robohack.ca>
Planix, Inc. <woods@planix.com>       Secrets of the Weird <woods@weird.com>

--pgp-sign-Multipart_Sat_Sep_29_16:37:16_2007-1
Content-Type: application/pgp-signature
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 5.0i for non-commercial use
MessageID: daQfsgP2j7YckrrCPa5ElErVPuiFschG

iQA/AwUBRv63fGZ9cbd4v/R/EQIpXACg6vXmn5e0NfyoXw7m/hZNSWbP7H8AoJNl
qd3cHAKE8ne2LTDZqEOfyeR4
=tsVj
-----END PGP SIGNATURE-----

--pgp-sign-Multipart_Sat_Sep_29_16:37:16_2007-1--