
Danger of stray : in PATH, Re: Problem Running Application with Alias



Quoting Petter Adsen (petter@synth.no):
> PS: What _are_ the security implications of having a PATH set to
> "/foo/bar:"?

man bash:

PATH   The search path for commands.  It is a colon-separated list  of
       directories  in  which the shell looks for commands (see COMMAND
       EXECUTION below).  A zero-length (null) directory  name in  the
       value of PATH indicates the current directory.  A null directory
                               ^^^^^^^^^^^^^^^^^^^^^
       name may appear as two adjacent colons,  or  as  an initial  or
       trailing  colon.   The  default path is system-dependent, and is
       set by the administrator who installs bash.  A common value  is
       ``/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin:/bin:/sbin''.

And to spell out the dangers of that, consider:

$ cd /home/evilperson/malicious-programs/
$ emaca      (oops, I mistyped emacs. Funny, why are my files disappearing?)
             (oh dear, their file "emaca" contains rm -f ~/*)

or, if the colon is at the start of PATH:

$ date       (Funny, why...?)
             (oh dear, their file "date" is a symlink to emaca)

$ ls -1 /home/evilperson/malicious-programs/
date
emaca
...
$

Cheers,
David.
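
A check for the null-entry cases described in the quoted man page text, added here as an example and not part of the original message. It goes slightly beyond the stray-colon case by also flagging relative entries such as ".", which are likewise resolved against the current directory; the function name audit_path and the sample PATH values are constructed for illustration.

```shell
#!/bin/sh
# audit_path VALUE
# Print one line for every entry in a PATH-style VALUE that makes the shell
# search relative to the current working directory: a null (empty) entry from
# a leading, trailing or doubled colon, or any name not starting with "/".
# Returns 0 if VALUE is clean, 1 if at least one such entry was found.
audit_path() {
    rest="$1:"      # sentinel colon so a trailing empty field is still visited
    pos=0
    bad=0
    while [ -n "$rest" ]; do
        entry=${rest%%:*}   # text before the first colon
        rest=${rest#*:}     # drop that field together with its colon
        pos=$((pos + 1))
        case "$entry" in
            '')
                echo "entry $pos: null (empty) name, means current directory"
                bad=1 ;;
            /*)
                ;;          # absolute directory, independent of the cwd
            *)
                echo "entry $pos: relative name '$entry', resolved against current directory"
                bad=1 ;;
        esac
    done
    return $bad
}

# Constructed sample values; the first is the one asked about in the thread.
for sample in "/foo/bar:" ":/usr/bin:/bin" "/usr/bin::/bin" \
              "/usr/local/bin:/usr/bin:/bin"; do
    echo "PATH=$sample"
    audit_path "$sample" || true
done
```

Running audit_path "$PATH" from a login script or a cron wrapper gives a nonzero exit status when the effective PATH would search the current directory.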
