This is a discussion on Re: small patch to etc/skel/dot.cshrc within the mailing.openbsd.tech forums, part of the OpenBSD category.
On Wed, 18 Feb 2004 01:54:38 +0100
Marc Bevand <bevand_m@epita.fr> wrote:

> I also think '.' should be removed from the PATH. Example:
> - imagine an evil hacker places a binary (trojan...) called 'sl'
>   in /tmp
> - if '.' is in the default PATH, the hacker would just have
>   to wait long enough so that a user (whose cwd happens to be
>   /tmp) mistypes 'sl' (instead of 'ls') so that it executes the
>   trojan

ln -s /bin/ls /bin/sl

do that for the common type errors and your system is more secure

cu
JRL

--
visit my OpenBSD ports page: http://vgai.de/ports
--
If you don't remember something, it never existed...
If you aren't remembered, you never existed...
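
A check for the condition discussed in this thread, as an added example that is not part of the original posts: the function flags PATH entries that resolve against the current directory, including empty entries (a leading, trailing or doubled ':'), which the shell treats the same as '.'. The name audit_path and the sample strings in the comments are constructed for illustration.

```shell
#!/bin/sh
# Added example: report PATH entries that make the shell search the
# current working directory (or any other relative location).

# audit_path PATHSTRING
# Prints one line per risky entry. Returns 0 if none found, 1 otherwise.
# Constructed samples: "/bin:/usr/bin" is clean; "/bin:." and "/bin:"
# are both flagged.
audit_path() {
    path_value=$1
    found=0
    index=0
    # Append ':' so a trailing empty entry survives the split below.
    rest="${path_value}:"
    while [ -n "$rest" ]; do
        entry=${rest%%:*}   # text before the first ':'
        rest=${rest#*:}     # text after the first ':'
        index=$((index + 1))
        case $entry in
            '')
                echo "entry $index: empty (means current directory)"
                found=1 ;;
            .)
                echo "entry $index: '.' (current directory)"
                found=1 ;;
            /*)
                ;;          # absolute path, does not depend on cwd
            *)
                echo "entry $index: relative path '$entry'"
                found=1 ;;
        esac
    done
    return $found
}

# Audit the PATH of the shell running this script.
if audit_path "$PATH"; then
    echo "PATH has no cwd-relative entries"
else
    echo "PATH contains cwd-relative entries (listed above)"
fi
```

The same function can be pointed at the PATH string a skeleton file such as dot.cshrc would set, by passing that string as the argument.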