Re: ./ in PATH, always bad?
Nathan Weston <nweston@hamilton.edu> writes:
> So if your path is "/bin:/usr/bin:./", it will only search ./ if it
> doesn't find the command in /bin or /usr/bin. Which means that there
> is much less danger of someone replacing a standard program with a
> trojan.
It just means the attacker has to be a bit smarter and use typos.
"sl", anyone?
--
Alan Shutko <ats@acm.org> - In a variety of flavors!
DM ADVICE: Never reward a player who serves you Kool-Aid and crackers.
Reply to: