Date: Thu, 21 Dec 2000 23:58:18 -0800 From: Dima Dorfman <dima@unixfreak.org> To: Cliff Sarginson <cliff@raggedclown.net> Cc: "Otter" <otterr@telocity.com>, "FreeBSD Questions" <questions@FreeBSD.ORG> Subject: Re: search order? Message-ID: <20001222075823.5921B3E0C@bazooka.unixfreak.org> In-Reply-To: Message from Cliff Sarginson <cliff@raggedclown.net> of "Fri, 22 Dec 2000 07:38:37 GMT." <E149Mmj-00075q-00@post.mail.nl.demon.net>
next in thread | previous in thread | raw e-mail | index | archive | help
> Which is why, btw, you shouldn't have "." in root's PATH.
> In case some scallywag puts a nasty version of .. say "ls" in
> some innocent directory, and this happens to be a shell script that
> does a "rm -rf *" .. ho ho..
^^^
That'd wipe out the directory in which that trojan is in. The worst
thing I can see happening is if you wiped out /tmp while running some
/tmp-intensive application (I can't think of any ATM).
Please note, however, that I'm not debating whether having "." in a
path is a good idea. You're right; it isn't, and not just for root.
Your example didn't show off the dangers very well, though. No
offense intended.
Regards
Dima Dorfman
dima@unixfreak.org
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001222075823.5921B3E0C>