[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Why having the . at the end of someone's PATH is a security ?



On: Wed, 14 Oct 1998 23:28:55 +0300 shaul  writes:
> 
>> There shouldn't be a "." in your PATH; even at the end, it's a
>> security risk. 
> 
> Why ? How it can be exploited ?

Think of a bad guy who places a program sl (rm -rf / &) in all of its
dir, User root working in this dir, and typing sl instead of ls.

	Torsten


Reply to: