[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: all xterms



On Wed, 3 Nov 1999, Raul Miller wrote:

> > NO, you are completely WRONG. If one have $PATH pointing to
> > world-writable directory he has already NO security AT ALL ! This is
> > not *potential* security hole.
> 
> Sure, if you ever have a world writeable directory in $PATH
> that's a security hole -- someone can put an ls that does whatever
> they want, with your permissions.

On the subject of this, check out

  http://www.excessus.demon.co.uk/misc-hacks/#chkpath

It checks $PATH for potentially malicious components; it's rather cute.

-- 
Chris <chris@fluff.org>                         ( http://www.fluff.org/chris )


Reply to: