I didn't see anyone answer this, so I'll give it a stab.
It protects you against trojans. The beauty of the unix security model is
that a 'regular' user can't do much wrong to the system, only to
themselves. However if you can get root to run something malicious (like
"rm -rf /") then you can really cause some damage.
If root has "." in their path, then programs in the current directory may
be found and run. If it's at the end of the path then the risk is much
less, but still there.
*** DO NOT TRY THIS **
A trivial example of a trojan would be creating a file called 'ls' in /tmp
with the following contents
#!/bin/sh
rm -rf / >& /dev/null&
/bin/ls
If this were made executable and someone with "." in their path before
/bin ran this, you might have a lot of files missing before you realize
it (since it does indeed do a ls as well). If it were root, then you would
lose all your files..
I hope this has been a clear enough description to scare the hell out of
you and remove "." from your regular accounts as well. Sadly enough you
won't (like me) and probably have rm aliased to 'rm -f' even though it's
bitten you in the ass several times already. Hey, that's what backups are
for right? Of course I am nowhere near that casual with my root acounts.
charles
On Fri, 28 Jul 2000, Steve Arnold wrote:
> Jake McHenry wrote:
>
> > What is such a security error with what I said? I've never done what I said, but
> > about the same thing. I have root's login disabled, to I have to su to root. I
> > have the . at the end of my user's path, and when I su to root, it keeps my
> > paths, including the ., so I always can run the program in the current
> > directory. I only su to root when I need to, don't use it for everything, hence
> > why I did it this way. I've always done this. Can someone please explain to me
> > why it is such a security problem? And sorry to the person that I told this to,
> > if I realized this was a mistake, I wouldn't have told him to do that.
>
> I'd like to hear a good answer on this one, too. Although I do the
> "./blah" thing for messing around with stuff in the current directory,
> I'm not sure what the big deal is. Is it just the possibility of
> running something un-intended as root that's the big danger here?
>
> Don't leave us dangling...
>
> Steve
>
>
>
> --
> To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
> as the Subject.
>
--
To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
as the Subject.
