Re: ./ in PATH, always bad?
On Fri, 13 Jul 2001, Dan Berdine wrote:
> The Redhat machine I use at work seems to include ./ in the PATH
> variable, I can always run executables from my current directory
> without using ./ like on my home debian system. This has always seemed
> more convenient to me and I wondered why Debian doesn't do this until I
> read that it is considered a security flaw. Is this always so? Is
> there a way to enable this without compromising security?
If you put . in your PATH at least put it last, this will
mininize the security risk. This risk is probably small
if you don't have a connection to the net which is mostly up.
rob Live the dream.
Reply to: