Re: Why can't I execute a script??
On Thu, 22 Oct 1998, Peter S Galbraith wrote:
:
: "Helge Hafting" wrote:
:
: > You don't have "." in your path, so files are *not* considered executable
: > just because they are in the *current* directory.
: >
: > This is a security feature. (Some user could make a nasty script called
: > "ls" or similiar in his home directoy. If you try to look at his files
: > with ls the nasty script is invoked instead.)
: >
: > Ways of solving the problem:
: >
: > 1. Create ~/bin and add that to your path.
: > This works well and has no security problems.
: ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
:
: If some user is capable of putting a fake `ls' in a random directory where
: you might trip on it, that user is far more likely to put it in your ~/bin
: directory! (Same privileges are required)
There are still systems where /usr/local is world writable (HP/UX for
one). The "fake ls in current dir" trick is usually intended to catch
people who are executing ls _in that directory_ (like an admin, for
example)
If your ~/bin directory is writable by anyone other than yourself, you
get what you deserve.
--
Nathan Norman
MidcoNet 410 South Phillips Avenue Sioux Falls, SD
mailto:finn@midco.net http://www.midco.net
finger finn@home.midco.net for PGP Key: (0xA33B86E9)
Reply to: