On Wednesday 10 September 2003 21:46, John Ollason wrote:
Greetings, everybody,
I am just an ordinary user who has used UN*X operating systems on Suns since the dawn of time. I have _always_ set . in my path in the login script in my accounts on my Linux machines. Indeed it has always been present in the standard login scripts provided to the average user on the machines on which I have had accounts. After frying one of the lib files with a frivolous update that went wrong I once had to crank up sash to replace the file and I was stalled for ages until I remembered that I had to be explicit about the current working directory. So, what's the problem? Have I been juggling with running chainsaws all these years?
Yes, when . is in the path, it is much easier for a hacker to set up a trojan program. It is especially easy if you have a directory writable by others (group-writable or world-writable): putting in this directory a program named ls (just an example, there is nothing magic about ls, it is just something used quite often and looking quite safe) is enough: when the other-writable directory is the current directory, if you type ls (and you will do it some day, it is just a question of time) you will not use the true ls but the hacked one ... and only Satan and Beelzebub know what will happen. This is the crudest, and most usual, attack; it does not need any technical expertise. There are others, more complicated. See chapter one of any book on Unix security.
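
A defensive check for the risk described in the reply above, as an added example that is not part of the original messages: a POSIX shell function (the name `audit_path` is hypothetical) that flags PATH entries which resolve to the current directory, including the empty entries that a leading, trailing or doubled colon creates. It goes slightly beyond the thread by also flagging relative entries and PATH directories that are themselves group- or world-writable, since a planted program works the same way there.

```shell
#!/bin/sh
# audit_path PATHSTRING
# Prints one finding per line and returns 1 if there were any, 0 otherwise.
# The body runs in a subshell so the IFS and globbing changes do not leak.
audit_path() (
    set -f                  # no filename expansion while splitting
    IFS=:
    p="$1:"                 # extra colon so a trailing empty entry survives splitting
    rc=0
    for dir in $p; do
        case $dir in
            '') # POSIX: a zero-length PATH entry means the current directory.
                echo "cwd: empty entry (leading, trailing or doubled colon)"; rc=1 ;;
            .)  echo "cwd: ."; rc=1 ;;
            /*) # Absolute entry: flag it if group or others may create files in it.
                [ -d "$dir" ] || continue
                mode=$(ls -ldL "$dir" 2>/dev/null) || continue
                mode=${mode%% *}        # keep only the permission string
                case $mode in
                    ?????w*|????????w*) echo "writable: $dir ($mode)"; rc=1 ;;
                esac ;;
            *)  # Anything else is resolved relative to wherever you happen to be.
                echo "relative: $dir"; rc=1 ;;
        esac
    done
    exit "$rc"
)

# Audit the PATH of the current session.
audit_path "$PATH" || echo "PATH needs attention (see findings above)" >&2
```
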