
Re: To Atul and Thaths



I don't remember seeing this thread, but here goes...

BGanesh forced the electrons to say:
> Hi,
> And I did read elsewhere that this is a security breach. But I wasn't
> able to find out much more. So here are the questions :
> 
> Thaths assumes (and states so) that this is an issue if the '.' precedes
> the other paths. If '.' is the last entry in the $PATH then is it
> considered fixed?

No way. I will explain.

> Also, if J.M.C was smart enough (or my system insecure enough) to get
> into my directory and put 'ls' or whatever in my directory, the system
> (or at least the parts I / J.M.C have access to) is as good as bombed
> anyways, so what is your point?

Not exactly. If J.M.C. could only hack into a normal user account, he would
place a program called 'ls' in /tmp, and would wait for his friendly sysad to
be in /tmp and run ls (the version he planted, which will probably mail JMC
the shadow password file so that he can put it through crack at his
leisure).
  
> Again as root, if '.' is the last entry, then the correct version from
> bin would kick in, would it not? Alt, if it is a new and untried program
> that is sitting in the directory then I have no business to run it as
> root anyways, regardless of whether I execute it as ./proggy or
> /usr/home/username/proggy (or whatever the path is). If these are
> considered then how does the '.' provide a gateway to disaster... ?

Well, if you are a sysad, then you are prone to typing fast, and if you are
human, then you are prone to making mistakes, and I am sure you type 'sl' as
frequently as you type 'ls'. Since there is no sl in /bin or /wherever, you
are bound to run the sl sitting in /tmp on your machine, again sending JMC
your shadow password file...

Binand
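
A check for the condition discussed in this message, as an added example that is not part of the original post: it flags '.' at any position in a PATH string, plus empty entries (a leading, trailing or doubled ':'), which the shell also searches as the current directory, and other relative entries. The function name `audit_path` and the output wording are assumptions made for this example.

```shell
#!/bin/sh
# Added example: flag PATH entries that make the shell search the current
# directory, wherever they appear in the list.

# audit_path PATHSTRING
# Prints one line per risky entry; returns 0 if none found, 1 otherwise.
audit_path() {
    rest="$1:"      # trailing ':' so the loop also sees the last field
    n=0
    bad=0
    while [ -n "$rest" ]; do
        entry=${rest%%:*}   # text before the first ':'
        rest=${rest#*:}     # drop that field and its ':'
        n=$((n + 1))
        case $entry in
            "")  echo "entry $n: empty (searched as current directory)"; bad=1 ;;
            .)   echo "entry $n: '.' (current directory)"; bad=1 ;;
            /*)  ;;  # absolute path: not flagged by this check
            *)   echo "entry $n: relative path '$entry'"; bad=1 ;;
        esac
    done
    return $bad
}

# Stand-alone run: audit the caller's own PATH.
if audit_path "$PATH"; then
    echo "PATH has no current-directory or relative entries"
fi
```

Run it from root's login environment as well as from ordinary accounts, since the scenario above depends on root's PATH.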

- --------------------------------------------------------------------
For more information on Linux in India visit http://www.linux-india.org/
