how to execute an executable file

narendra narendra at nii.res.in
Wed Feb 28 05:23:06 UTC 2007


Hi,
Thanks Michael and Rick for this wonderful illustration.
> > > Hi,
> > > why shouldn't the current working directory be in the PATH?
> > > 
> > > Narendra 
> > > 
> > 
> > This is more important for the 'root' user as opposed to regular users but I
> > guess one could advise it for all users.
> > 
> > It's to avoid a security risk called a Trojan Horse.  A Trojan Horse is an
> > executable that has the same name as a standard Linux/Unix system command
> > but does something completely different.
> > 
> > Say you're in the 'tmp' directory (or any publicly accessible directory) and
> > an unknown user has created a program called 'ifconfig' in that directory.
> > You, as root, would like to execute the 'ifconfig' command while in the tmp
> > directory.  If '.' is in the path before /sbin is, you will inadvertently
> > execute the 'ifconfig' command in the tmp directory.  That ifconfig command,
> > run as the root user, can do anything it wants, even give root permissions
> > to any other user.
> > 
> > That is why the 'root' user should only have well-defined system directories
> > in its path, and definitely not directories that are publicly-accessible.
> > Since '.' can point to anything, it should never be in the path.
> > 
> > Variants of this idea can also apply to all users.
> 
> Good example, Michael.
> 
> ----------------------------------------------------------------------
> - Rick Stevens, Principal Engineer          rstevens at vitalstream.com -
> - VitalStream, Inc.                       http://www.vitalstream.com -
> -                                                                    -
> -            To iterate is human, to recurse, divine.                -
> ----------------------------------------------------------------------


Narendra Kumar
PhD Scholar
Bioinformatics Center
National Institute of Immunology
Aruna Asaf Ali Marg
New Delhi-110067
Telephone Numbers (EPABX):  26717121 to 26717145, Ext:724
Fax : 91-11-26162125 & 91-11-26177626
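
An added example, not part of the thread: a POSIX shell check for the PATH problem Michael describes, flagging '.', empty, relative and world-writable entries and showing which file a command name resolves to. The function names `audit_path` and `first_match` and the sample PATH value are assumptions made up for this example.

```shell
#!/bin/sh
# audit_path PATHSTRING
# Prints one finding per risky entry; returns 1 if any was found, else 0.
audit_path() {
    remaining="$1:"          # trailing ':' keeps a final empty entry visible
    risky=0
    while [ -n "$remaining" ]; do
        entry=${remaining%%:*}
        remaining=${remaining#*:}
        case $entry in
            '') echo "EMPTY: empty entry means the current directory"; risky=1 ;;
            .)  echo "DOT: '.' is the current directory"; risky=1 ;;
            /*) # Absolute entry: flag it if any user may create files there.
                if [ -d "$entry" ] &&
                   [ -n "$(find -L "$entry" -maxdepth 0 -perm -0002 2>/dev/null)" ]; then
                    echo "WORLD-WRITABLE: $entry"; risky=1
                fi ;;
            *)  echo "RELATIVE: $entry depends on the current directory"; risky=1 ;;
        esac
    done
    return "$risky"
}

# first_match NAME PATHSTRING
# Prints the file that would run for NAME under PATHSTRING, resolving
# empty and relative entries against the current directory.
first_match() {
    remaining="$2:"
    while [ -n "$remaining" ]; do
        dir=${remaining%%:*}
        remaining=${remaining#*:}
        [ -n "$dir" ] || dir=.
        if [ -f "$dir/$1" ] && [ -x "$dir/$1" ]; then
            echo "$dir/$1"
            return 0
        fi
    done
    return 1
}

# Constructed sample value, not taken from the thread.
audit_path ".:/sbin:/usr/sbin:/tmp" || echo "PATH needs cleanup" >&2
```

To check a live session, run `audit_path "$PATH"` as the user in question; root's PATH is the one that matters most.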



