Yes, I see what you're saying. If I would just happen to be in /tmp, and someone
just happened to make that fake "ls" script, then that would be a problem. I
don't know of many people on my system that know how to do anything more than
run pine, but there's the possibility. Thanks again.
Jake
On Mon, 31 Jul 2000, Charles Galpin wrote:
--but that's *THE POINT*! If you run 'ls' as root while in /tmp you are not
--knowingly running someone else's script - you are doing something you do
--many times a day that is quite harmless.
--
--1. somehow someone gets to create the file /tmp/ls as I suggested - could
--be a disgruntled friend who had a login account on your box, could be
--someone exploiting a poorly written cgi script, etc, etc
--2. you have "." in your path (before /bin)
--3. 6 months rolls by (your ahole friend above doesn't even have an account
--anymore)
--4. you download the latest snafu.1386.rpm and do an ls to get the full
--name.
--5. you cry a lot
--
--Let me know if this is still not clear. It's important you understand the
--difference here.
--
--charles
--
--On Mon, 31 Jul 2000, Jake McHenry wrote:
--
--> On Mon, 31 Jul 2000, Charles Galpin wrote:
-->
--> --actually it's more about you being root, unintentionally running someone
--> --else's script. In my example I should have pointed out that *anyone* could
--> --create an executable file called /tmp/ls.
--> --
--> --charles
-->
--> I don't know about anyone else, but I don't just go around and run people's
--> scripts. If I do happen to come along a script that I think about running, I
--> look at it for a long time first in an editor. I especially don't run things
--> that are in the /tmp directory.
-->
--> jake
-->
-->
--> --On Mon, 31 Jul 2000, Jake McHenry wrote:
--> --
--> -->
--> --> ok, thanks for the info. I never really thought of it like that, someone else
--> --> running as root. Even though they would never get my password, I guess there are
--> --> other ways of becoming root. Thanks again.
--> -->
--> --> jake
--> -->
--> -->
--> --> On Mon, 31 Jul 2000, Charles Galpin wrote:
--> -->
--> --> --I didn't see anyone answer this, so I'll give it a stab.
--> --> --
--> --> --It protects you against trojans. The beauty of the unix security model is
--> --> --that a 'regular' user can't do much wrong to the system, only to
--> --> --themselves. However if you can get root to run something malicious (like
--> --> --"rm -rf /") then you can really cause some damage.
--> --
--> --
--> ----
--> --To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
--> --as the Subject.
--> --
--> --
-->
--> Jake McHenry
--> [EMAIL PROTECTED]
-->
-->
-->
--
--
--
--
Jake McHenry
[EMAIL PROTECTED]
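
A check for step 2 of the scenario in this thread ("." in the path before /bin), as an added example that is not part of the original messages. It also treats empty PATH entries (a leading, trailing or doubled colon) as the current directory, which is how the shell searches them; the function names and sample PATH strings are constructed for illustration.

```sh
#!/bin/sh
# Added example: find PATH entries that are searched relative to the
# current directory. Function names are chosen for this example.

# Print why an entry is risky; print nothing for an absolute directory.
classify_entry() {
    case "$1" in
        "") echo "empty entry (searched as the current directory)" ;;
        .)  echo "explicit current directory" ;;
        /*) ;;
        *)  echo "relative directory" ;;
    esac
}

# Print "position<TAB>entry<TAB>reason" for every risky entry in $1.
audit_path() {
    rest="$1:"          # sentinel ':' so a trailing empty entry is seen
    position=0
    while [ -n "$rest" ]; do
        entry=${rest%%:*}
        rest=${rest#*:}
        position=$((position + 1))
        reason=$(classify_entry "$entry")
        if [ -n "$reason" ]; then
            printf '%d\t%s\t%s\n' "$position" "${entry:-<empty>}" "$reason"
        fi
    done
}

# Succeed if a risky entry is searched before directory $1 in PATH string $2,
# i.e. a file in the current directory could shadow a command from $1.
risky_before() {
    rest="$2:"
    while [ -n "$rest" ]; do
        entry=${rest%%:*}
        rest=${rest#*:}
        [ "$entry" = "$1" ] && return 1
        [ -n "$(classify_entry "$entry")" ] && return 0
    done
    return 1
}

# Constructed sample values, not taken from the thread.
for sample in ".:/bin:/usr/bin" "/bin::/usr/bin:" "/bin:/usr/bin"; do
    echo "PATH=$sample"
    audit_path "$sample"
    if risky_before /bin "$sample"; then echo "  -> searched before /bin"; fi
done
```

Run `audit_path "$PATH"` in root's login shell to audit the live value; an entry listed after /bin cannot shadow `ls` but can still catch a mistyped command name.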