Email address obfuscation in effect -- please
click here to turn it off.
[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
The author of this thread implied this is for a home system with one user. I
dont pretend to be unix security expert but a little bit of common sense in
setting up one's own home system always goes a long way. If you're THAT
paranoid, why not just alias "sl" in the rc file?
-P.
Jonathan King wrote:
> On Sun, 2 Jan 2000 EMAIL:PROTECTED wrote:
>
> > I feel obligated to note that while making your life easy, adding "."
> > to your path if you are running as root is an inherently dangerous
> > thing.
>
> Well, yeah, that's certainly a classic way of getting owned. But having
> "." in your path can truly ruin your day even if you aren't root, most
> obviously if you cd around and type "ls" a lot in random places. While I
> was at CMU, one clown managed to trash people by putting an executable
> called "sl" in one of his public directories. ("sl" is a common typo for
> "ls", of course.) I'll leave it to your collective evil imaginations what
> "sl" could do...
>
> Sometimes you will hear that it's okay to have "." in your path if you
> save it for last, but that alone won't prevent a "typo attack", for
> starters. I'm sure others may beg to differ, but it's just not a very
> good idea...
>
> jking
Home | FAQ | Server | Presentations | Mailing Lists/Archives | Member Tools | Links | Sponsors | Contact