On Nov 1, 2007, at 3:16 PM, Douglas A. Tutty wrote:
> On Thu, Nov 01, 2007 at 10:28:55AM -0500, John Hasler wrote:
>> Doug writes:
>>> It would only be a security issue if the permissions on your home
>>> directory and/or the execs themselves allowed others to execute them.
>>
>> A buggy application (buffer overflow in Firefox...) or an evil bit of
>> JavaScript could be used by a "virus" to install a trojan in $HOME/bin.
>
> If Iceweasel is such a security risk, perhaps I should create a separate
> user under which to use it. What all can a buggy Iceweasel allow?

Yeah, if we're talking about an application security hole of that kind, it doesn't matter if you have ~/bin in your path or not. The exploit can just add "export PATH=~/bin:$PATH" to your .bashrc itself, or call whatever trojan it's created directly!
Having . (single dot) in your PATH is a much more realistic threat, if you ever cd into a directory controlled by another user. I don't see that one too much, although every so often someone who's used to MS-DOS will think it's a clever idea.
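
A check for the risk described in the last paragraph, as an added example that is not part of the original message: a POSIX shell function (the name `audit_path` is hypothetical) that flags `.` in a PATH string. It goes beyond the message by also flagging empty entries, which the shell treats as the current directory, other relative entries, and directories writable by group or others.

```sh
#!/bin/sh
# Added example, not from the thread. audit_path is a hypothetical name.
# audit_path STRING: report PATH entries that let files placed by another
# user run in place of the command you meant. Returns 1 if any were found.
audit_path() {
    _rest="$1:"     # sentinel ':' so a trailing empty entry is still seen
    _pos=0
    _bad=0
    while [ -n "$_rest" ]; do
        _entry=${_rest%%:*}      # text up to the first ':'
        _rest=${_rest#*:}        # remainder after that ':'
        _pos=$((_pos + 1))
        case $_entry in
            '') _why='empty entry, which the shell treats as the current directory' ;;
            .)  _why='current directory' ;;
            /*) _why=''
                # Absolute path: flag it only if group or others may write to it.
                if [ -d "$_entry" ] && [ -n "$(find -L "$_entry" -prune \
                       \( -perm -020 -o -perm -002 \) -print 2>/dev/null)" ]; then
                    _why='directory is writable by group or others'
                fi ;;
            *)  _why='relative entry, resolved against the current directory' ;;
        esac
        if [ -n "$_why" ]; then
            printf 'entry %d "%s": %s\n' "$_pos" "$_entry" "$_why"
            _bad=1
        fi
    done
    return "$_bad"
}

# Audit the PATH of the shell this is run from.
audit_path "$PATH" || echo "PATH has entries worth reviewing" >&2
```

A leading, trailing or doubled `:` in PATH is reported as an empty entry, since it has the same effect as writing `.` explicitly.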