Re: Why can't I execute a script??
>
>
> "Helge Hafting" wrote:
>
> > You don't have "." in your path, so files are *not* considered executable
> > just because they are in the *current* directory.
> >
> > This is a security feature. (Some user could make a nasty script called
> > "ls" or similiar in his home directoy. If you try to look at his files
> > with ls the nasty script is invoked instead.)
> >
> > Ways of solving the problem:
> >
> > 1. Create ~/bin and add that to your path.
> > This works well and has no security problems.
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
> If some user is capable of putting a fake `ls' in a random directory where
> you might trip on it, that user is far more likely to put it in your ~/bin
> directory! (Same privileges are required)
If you set your ~/bin directory writable for anyone but yourself, you
get what you deserve. If someone has root permissions, you cannot defend
yourself against their malicious attacks anyway. `Random' directories
where trojan scripts are likely to live are /tmp, /var/spool/* and the
like.
Eric
--
E.L. Meijer (tgakem@chem.tue.nl) | tel. office +31 40 2472189
Eindhoven Univ. of Technology | tel. lab. +31 40 2475032
Lab. for Catalysis and Inorg. Chem. (TAK) | tel. fax +31 40 2455054
Reply to: