Subject: Re: Installing local packages and NetBSD guide
To: None <netbsd-users@NetBSD.org>
From: Magnus Eriksson <magetoo@fastmail.fm>
List: netbsd-users
Date: 09/28/2007 14:08:56
On Fri, 28 Sep 2007, John Nemeth wrote:

> } > (/usr/local/* is still retained in various default PATHs, for convenience)
> }
> } Smells like potential security problems to me, if it still is the case.
>
>     What security problem?  If the administrator doesn't put anything
> there, then nothing will be found.  If the administrator does put
> something there, then presumably they intend it to be used.

   Having a suid root program exploited to create the directory, or change 
the permissions of it -- *that* security problem.

   I don't know exactly in which "various default PATHs" /usr/local is 
referenced; and what or who might be convinced to run a "custom" binary or 
read a custom config file, but it doesn't seem harmless.


Take care,
Magnus
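
A way to check a PATH for the conditions discussed in this message, added here as an example and not part of the original post. The function name `audit_path`, the issue labels, and the default that PATH directories should be owned by uid 0 are assumptions of the example.

```sh
#!/bin/sh
# Added example (not from the original thread): audit a PATH-style string.
# Usage: audit_path "$PATH" [trusted_uid]
# Prints one "ISSUE entry" line per finding; returns 1 if anything was found.
audit_path() {
    path_string=$1
    trusted_uid=${2:-0}   # assumption: PATH directories should be owned by root
    findings=0

    # An empty entry (leading, trailing or doubled colon) means "current directory".
    case ":$path_string:" in
        *::*) echo "EMPTY <empty entry = current directory>"; findings=1 ;;
    esac

    # Split on ':' only, with globbing off so entries are taken literally.
    old_ifs=$IFS; IFS=:; set -f
    set -- $path_string
    IFS=$old_ifs; set +f

    for entry in "$@"; do
        [ -n "$entry" ] || continue
        case $entry in
            /*) ;;
            *) echo "RELATIVE $entry"; findings=1; continue ;;
        esac
        if [ ! -d "$entry" ]; then
            # Nothing is there today, but whoever manages to create it
            # decides what gets found through this PATH entry.
            echo "MISSING $entry"; findings=1; continue
        fi
        # -H resolves a symlinked entry; -prune keeps find on the directory itself.
        if [ -n "$(find -H "$entry" -prune \( -perm -0020 -o -perm -0002 \) -print)" ]; then
            echo "WRITABLE $entry"; findings=1   # group- or world-writable
        fi
        if [ -n "$(find -H "$entry" -prune ! -user "$trusted_uid" -print)" ]; then
            echo "OWNER $entry"; findings=1      # not owned by the trusted uid
        fi
    done
    return "$findings"
}
```

Source the file and run `audit_path "$PATH"` for each account or startup file whose default PATH is in question.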