Re: ./ in PATH, always bad?
On Mon, Jul 16, 2001 at 09:34:40AM -0400, Alan Shutko wrote:
> Nathan Weston <nweston@hamilton.edu> writes:
>
> > So if your path is "/bin:/usr/bin:./", it will only search ./ if it
> > doesn't find the command in /bin or /usr/bin. Which means that there
> > is much less danger of someone replacing a standard program with a
> > trojan.
>
> It just means the attacker has to be a bit smarter and use typos.
> "sl", anyone?
Funny, when I type "sl", I get a choo-choo train running across the
screen! <*g*>
--
Eric G. Miller <egm2@jps.net>
Reply to: