Re: from a.out to running the darned thing.

To: Debian User List <debian-user@lists.debian.org>
Subject: Re: from a.out to running the darned thing.
From: Kent West <westk@acu.edu>
Date: Sun, 23 Jan 2005 23:06:53 -0600
Message-id: <[🔎] 41F4826D.8050702@acu.edu>
In-reply-to: <[🔎] 41F47CEA.6070801@techhouse.org>
References: <[🔎] 20050124015925.1EA2049.NOFFLE@rucyber-punk.local> <[🔎] 1106534679.31123.28.camel@haggis.homelan> <[🔎] 41F47CEA.6070801@techhouse.org>

Travis Crump wrote:

I understand . since . could potentially be an insecure directory like/tmp, but what is wrong with ~/bin? If an attacker is able to place abinary in ~/bin doesn't he already have the permissions to do "rm -rf~" himself?

No, "~/bin" is not the same as "/bin". "~/bin" is the current user'sdirectory. Still, I'm not sure that "~/bin" represents a threat, becausethe bad guy's "~/bin" won't be in root's path, and the bad guypresumably won't be able to put a bad file in root's "~/bin", which maybe what you're saying above.


But having "." in one's path is definitely risky.

--
Kent

Reply to:

Follow-Ups:
- Re: from a.out to running the darned thing.
  - From: Ron Johnson <ron.l.johnson@cox.net>
- Re: from a.out to running the darned thing.
  - From: Paul E Condon <pecondon@mesanetworks.net>

References:
- from a.out to running the darned thing.
  - From: Scotty Fitzgerald <sfitz007@bestweb.net>
- Re: from a.out to running the darned thing.
  - From: Ron Johnson <ron.l.johnson@cox.net>
- Re: from a.out to running the darned thing.
  - From: Travis Crump <pretzalz@techhouse.org>

Prev by Date: Dell PowerEdge 2850 kernel panic.
Next by Date: Re: from a.out to running the darned thing.
Previous by thread: Re: from a.out to running the darned thing.
Next by thread: Re: from a.out to running the darned thing.
Index(es):
- Date
- Thread