[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: from a.out to running the darned thing.

Travis Crump wrote:

I understand . since . could potentially be an insecure directory like /tmp, but what is wrong with ~/bin? If an attacker is able to place a binary in ~/bin doesn't he already have the permissions to do "rm -rf ~" himself?

No, "~/bin" is not the same as "/bin". "~/bin" is the current user's directory. Still, I'm not sure that "~/bin" represents a threat, because the bad guy's "~/bin" won't be in root's path, and the bad guy presumably won't be able to put a bad file in root's "~/bin", which may be what you're saying above.

But having "." in one's path is definitely risky.


Reply to: