Re: all xterms
On Wed, 3 Nov 1999, Raul Miller wrote:
> > NO, you are completely WRONG. If one have $PATH pointing to
> > world-writable directory he has already NO security AT ALL ! This is
> > not *potential* security hole.
>
> Sure, if you ever have a world writeable directory in $PATH
> that's a security hole -- someone can put an ls that does whatever
> they want, with your permissions.
On the subject of this, check out
http://www.excessus.demon.co.uk/misc-hacks/#chkpath
It checks $PATH for potentially malicious components; it's rather cute.
--
Chris <chris@fluff.org> ( http://www.fluff.org/chris )
Reply to: