Re: ./ in PATH, always bad?

To: debian-user@lists.debian.org
Subject: Re: ./ in PATH, always bad?
From: Brian Nelson <nelson@bignachos.com>
Date: Fri, 13 Jul 2001 18:42:12 -0400
Message-id: <[🔎] 20010713184212.A612@NACHITOS>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] 20010713145337.A1663@crdic.ath.cx>
References: <[🔎] 20010713145337.A1663@crdic.ath.cx>

On Fri, Jul 13, 2001 at 02:53:37PM -0700, Craig Dickson wrote:
> D-Man wrote:
> 
> > Sure it's a "flaw" :  suppose someone creates an executable trojan in
> > "the current directory" named 'cd'.  If '.' is the first thing in the
> > path you will execute the trojan rather than the usual /bin/cd.
> 
> s/cd/ls/g for a better argument. cd is a shell builtin; there is no /bin/cd.

Or, even better, su.  Nice easy way to grab a root password...

-- 
Brian Nelson <nelson@bignachos.com>

Reply to:

References:
- Re: ./ in PATH, always bad?
  - From: Craig Dickson <crdic@yahoo.com>

Prev by Date: Re: [OT] job title
Next by Date: nullmodem connection
Previous by thread: Re: ./ in PATH, always bad?
Next by thread: Re: ./ in PATH, always bad?
Index(es):
- Date
- Thread