Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!sdd.hp.com!zaphod.mps.ohio-state.edu!cis.ohio-state.edu!ucbvax!iWarp.intel.com!news From: merlyn@iWarp.intel.com (Randal L. Schwartz) Newsgroups: comp.unix.admin Subject: Re: Mysterious security hole Message-ID: <1991Jun18.165128.10031@iWarp.intel.com> Date: 18 Jun 91 16:51:28 GMT References: <91161.131540SCHDAVZ@YaleVM.YCC.Yale.Edu> <70@pyuxf.UUCP> <12714@bsu-cs.bsu.edu> Sender: news@iWarp.intel.com Reply-To: merlyn@iWarp.intel.com (Randal L. Schwartz) Organization: Stonehenge; netaccess via Intel, Beaverton, Oregon, USA Lines: 28 In-Reply-To: brendan@cs.widener.edu (Brendan Kehoe) Nntp-Posting-Host: se.iwarp.intel.com In article , brendan@cs (Brendan Kehoe) writes: | sam@bsu-cs.UUCP wrote: | >Here's a nice and fairly simple way to improve security. | >PATH=/bin:/usr/bin:/etc | >then, to execute something in the local directory usr ./command or a | >full path. | | It took some getting used to, but after about a month I got myself | into the pattern of doing this .. and have found it completely | impossible to revert back. :) I've been doing this for over three years, even with my "everyday" account. It's amazing how many "off the net" Makefiles break because they expect to be able to run a shell script named "foo" in the current directory with "foo arg arg arg". I find myself saying PATH=:$PATH make a lot. :-( Just another reasonably secure individual, :-) -- /=Randal L. Schwartz, Stonehenge Consulting Services (503)777-0095 ==========\ | on contract to Intel's iWarp project, Beaverton, Oregon, USA, Sol III | | merlyn@iwarp.intel.com ...!any-MX-mailer-like-uunet!iwarp.intel.com!merlyn | \=Cute Quote: "Intel: putting the 'backward' in 'backward compatible'..."====/