Date: Tue, 25 Jun 1996 08:38:29 -0700 From: David Greenman <davidg@root.com> To: hal@snitt.com (Hal Snyder) Cc: security@freebsd.org Subject: Re: The Vinnie Loophole Message-ID: <199606251538.IAA19357@root.com> In-Reply-To: Your message of "Tue, 25 Jun 1996 15:17:47 GMT." <31cffc6e.1096226166@vogon.trans.sni-usa.com>
next in thread | previous in thread | raw e-mail | index | archive | help
>Re: Trojan horse programs that get executed because "." is in PATH >somewhere: > >The fact that this well-known, easily plugged loophole is being >rediscovered by new admins (probably daily) suggests that we *could* >do something more proactive to keep it from happening. > >1. How about adding checks for "." or equivalent in $PATH to >/etc/security? Scan for it in .profile, .bashrc, and so forth. This >would not catch every offence but would help. > >2. At appropriate securelevel, have exec() fail with explanation to >syslog if there is no "/" in argv[0]. How much code would [should] >this break? Is this a horrible idea? It's appropriate for some environments and not for others. I certainly wouldn't want the kernel involved in this in any case, and things that do scans through your filesystems need to be carefully controlled. Some systems have so much disk space and NFS that the scan wouldn't complete within the 24 hour time period. Something like (1), if implemented, should not be enabled by default. -DG David Greenman Core-team/Principal Architect, The FreeBSD Project
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199606251538.IAA19357>