
Bug#299007: base-files: Insecure PATH in /root/.profile



Some Googling turned up the following:

http://www.tldp.org/HOWTO/Path-12.html
  Any of the important daemon processes should never execute anything that
  some other user can write into. In some systems, /usr/local/bin is
  allowed to contain programs with less strict security screening - it is
  just removed from the path of the root user.

http://www.tldp.org/HOWTO/Security-HOWTO/local-security.html
  The command path for the root user is very important. The command path
  (that is, the PATH environment variable) specifies the directories in
  which the shell searches for programs. Try to limit the command path for
  the root user as much as possible, and never include . (which means "the
  current directory") in your PATH. Additionally, never have writable
  directories in your search path ...

http://www.tldp.org/HOWTO/Tips-HOWTO-3.html
  Root's path should consist of 'PATH= /bin'
  That's it. Nothing else on root's path.

http://osmirrors.cerias.purdue.edu/pub/OpenBSD/src/etc/security
  	{ print "Root path directory " $10 " is group writable." }

http://security.sdsc.edu/advisories/outback_sec_guidelines
  Most current day operating systems have this but, audit root's path, make
  sure dirs are owned and only writable by root. minimize as much as
  possible, e.g. /sbin:/usr/sbin:/bin:/usr/bin

http://www.start-linux.com/articles/article_165.php
  One important thing to keep in mind are the different $PATH settings for
  users and root:
    * user: /usr/local/bin:/bin:/usr/bin:/usr/X11R6/bin:/home/user/bin:
    * root: /sbin:/usr/sbin:/bin:/usr/bin:/usr/X11R6/bin

http://www.unet.univie.ac.at/aix/aixbman/admnconc/system_security.htm
  The PATH value in the /etc/profile file is used by the root user. Only
  specify directories that are secure, that is, that only root can write
  to.

http://docsun.cites.uiuc.edu/sun_docs/C/solaris_9/SUNWaadm/SYSADV4/p98.html
  The paths that lead to the home directory must be owned and writable by
  root only. For example, if a .forward file is in /export/home/terry,
  /export and /export/home must be owned and writable by root only.

Cheers,

Paul Szabo   psz@maths.usyd.edu.au   http://www.maths.usyd.edu.au/u/psz/
School of Mathematics and Statistics   University of Sydney    Australia
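The sources quoted in this message all reduce to one mechanical check: every entry on root's search path should be an absolute path to a directory that exists, is owned by root, and is writable by nobody else, with no "." and no empty field (the shell treats an empty PATH element as the current directory). The following POSIX sh script is an added example for this page, not part of the original message or of Debian's base-files; the function names audit_path and audit_path_count, the owner argument, and the temporary test directories are this example's own.

```sh
#!/bin/sh
# Audit a colon-separated search path against the root-PATH guidelines:
# flag relative entries ("." and the empty field, which also means "."),
# missing directories, directories not owned by the expected owner, and
# directories that are group- or world-writable.
#
# audit_path PATHSTRING [OWNER]
#   OWNER defaults to root (a name or numeric uid accepted by find -user).
#   Prints one finding per line on stdout; the return status is the
#   number of findings (0 = clean), truncated by the shell above 255.
# audit_path_count PATHSTRING [OWNER]
#   Same audit, but prints the exact finding count and returns 0.
#
# Only POSIX sh and POSIX find/id features are used, so the script runs
# under dash as well as bash; variables are underscore-prefixed globals
# because "local" is not POSIX.

audit_path() {
    _path=$1
    _owner=${2:-root}
    _findings=0

    # An unknown owner name would make "! -user" match nothing and the
    # ownership check pass silently, so refuse it up front.
    if ! id -u "$_owner" >/dev/null 2>&1; then
        echo "audit_path: unknown owner '$_owner'" >&2
        return 255
    fi

    # Append a trailing colon so the last field is handled like the rest,
    # then peel off one field per iteration.
    _rest="$_path:"
    while [ -n "$_rest" ]; do
        _dir=${_rest%%:*}
        _rest=${_rest#*:}
        case "$_dir" in
            "")
                echo "relative entry: empty field (means current directory)"
                _findings=$((_findings + 1)); continue ;;
            /*) ;;
            *)
                echo "relative entry: $_dir"
                _findings=$((_findings + 1)); continue ;;
        esac
        if [ ! -d "$_dir" ]; then
            echo "missing directory: $_dir"
            _findings=$((_findings + 1)); continue
        fi
        # -H makes a symlinked PATH entry be judged by its target;
        # -prune stops find from descending into the directory.
        if [ -n "$(find -H "$_dir" -prune ! -user "$_owner" -print 2>/dev/null)" ]; then
            echo "not owned by $_owner: $_dir"
            _findings=$((_findings + 1))
        fi
        # 020 = group write bit, 002 = other write bit; either is a finding.
        if [ -n "$(find -H "$_dir" -prune \( -perm -020 -o -perm -002 \) -print 2>/dev/null)" ]; then
            echo "group- or world-writable: $_dir"
            _findings=$((_findings + 1))
        fi
    done
    return "$_findings"
}

audit_path_count() {
    # Count output lines rather than the return status so totals above
    # 255 are reported exactly.
    _c=$(audit_path "$@" | wc -l)
    echo $((_c + 0))
}

# When executed directly as audit_path.sh, audit the PATH given as $1
# (default: this shell's own PATH), expecting root ownership.
if [ "${0##*/}" = "audit_path.sh" ]; then
    audit_path "${1:-$PATH}" "${2:-root}"
fi
```

To check the PATH that /root/.profile actually produces, feed the script root's login environment rather than your own, for example `. ./audit_path.sh; audit_path "$(sudo -i sh -c 'echo "$PATH"')"`. The exit status is the number of findings, so the function drops directly into a cron job or a post-install check. Note that on a system where /usr/local is group-writable for a staff group, the third check will flag /usr/local/bin, which is exactly the situation the Path HOWTO quoted above describes when it says such a directory is "just removed from the path of the root user".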


