Re: from a.out to running the darned thing.
Travis Crump wrote:
> I understand . since . could potentially be an insecure directory like
> /tmp, but what is wrong with ~/bin? If an attacker is able to place a
> binary in ~/bin doesn't he already have the permissions to do "rm -rf
> ~" himself?
No, "~/bin" is not the same as "/bin". "~/bin" is the current user's
directory. Still, I'm not sure that "~/bin" represents a threat, because
the bad guy's "~/bin" won't be in root's path, and the bad guy
presumably won't be able to put a bad file in root's "~/bin", which may
be what you're saying above.
But having "." in one's path is definitely risky.
--
Kent
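
A check for the risk discussed in this thread, as an added example that is not part of the original messages: a POSIX shell function that flags PATH entries that resolve to the current directory and existing directories that someone other than the owner can write to. The function name audit_path and its output labels are chosen here for illustration.

```shell
#!/bin/sh
# audit_path PATHSTRING   (hypothetical helper name, added example)
# Prints one finding per risky entry; prints nothing for a clean path.
# The body runs in a subshell "( ... )" so its variables do not leak.
# Usage: audit_path "$PATH"
audit_path() (
    rest="$1:"                      # trailing ":" so the loop sees the last entry
    while [ -n "$rest" ]; do
        entry=${rest%%:*}           # text before the first ":"
        rest=${rest#*:}             # everything after it
        case "$entry" in
            ''|.)
                # An empty entry ("::", or a leading or trailing ":") is
                # searched as the current directory, exactly like ".".
                echo "current-directory: '$entry'"
                continue ;;
            /*) ;;                  # absolute entry: check its permissions below
            *)
                # Any other relative entry also depends on where you stand.
                echo "relative: '$entry'"
                continue ;;
        esac
        [ -d "$entry" ] || continue # not an existing directory: nothing to check
        # Mode string looks like "drwxr-xr-x"; character 6 is group write,
        # character 9 is other write. -L follows a symlinked directory.
        mode=$(ls -ldL "$entry") || continue
        case "$mode" in
            ?????w*|????????w*) echo "group-or-world-writable: '$entry'" ;;
        esac
    done
)
```

A ~/bin that only its owner can write to produces no finding, which matches the point made in the reply above.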