Mailing List Archive
tlug.jp
Mailing List
tlug archive
tlug Mailing List Archive
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [tlug] Bashing away at Unix
- Date: Thu, 13 Mar 2008 00:14:28 +0900
- From: Curt Sampson <cjs@example.com>
- Subject: Re: [tlug] Bashing away at Unix
- References: <47D7A519.70409@imaginatorium.org> <20080312101925.5b996fe6.gstewart@bonivet.net> <47D7C3A2.8020807@imaginatorium.org> <20080312130637.GA19165@mail.scottro.net>
- User-agent: Mutt/1.5.17 (2007-11-01)
On 2008-03-12 09:06 -0400 (Wed), Scott Robbins wrote: > I believe there are various reasons to not include . in a path, but I've > forgotten what they are. :) Little things like someone puts a program called 'ls' in his home dir that creates an suid copy of /bin/sh owned by the user running it (thus allowing anybody who runs that shell to become that user). After that, it deletes itself and runs /bin/ls with its arguments. You change to the dir, type 'ls', and see a directory listing, none the wiser that you've just been 0wned. cjs -- Curt Sampson <cjs@example.com> +81 90 7737 2974 Mobile sites and software consulting: http://www.starling-software.com
- References:
- [tlug] Bashing away at Unix
- From: Brian Chandler
- Re: [tlug] Bashing away at Unix
- From: Godwin Stewart
- Re: [tlug] Bashing away at Unix
- From: Brian Chandler
- Re: [tlug] Bashing away at Unix
- From: Scott Robbins
- [tlug] Bashing away at Unix
- Prev by Date: Re: [tlug] Bashing away at Unix
- Next by Date: Re: [tlug] Non-standard Perl Module Locations
- Previous by thread: Re: [tlug] Bashing away at Unix
- Next by thread: Re: [tlug] Bashing away at Unix
- Index(es):
| Home Page | Mailing List | Linux and Japan | TLUG Members | Links |