Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!asuvax!ncar!midway!clout!chinet!les
From: les@chinet.chi.il.us (Leslie Mikesell)
Newsgroups: comp.unix.admin
Subject: Re: Mysterious security hole
Message-ID: <1991Jun19.150625.17848@chinet.chi.il.us>
Date: 19 Jun 91 15:06:25 GMT
References: <91161.131540SCHDAVZ@YaleVM.YCC.Yale.Edu> <70@pyuxf.UUCP> <12714@bsu-cs.bsu.edu>
Organization: Chinet - Chicago Public Access UNIX
Lines: 12

In article <12714@bsu-cs.bsu.edu> sam@bsu-cs.UUCP (B. Sam Blanchard) writes:

>Here's a nice and fairly simple way to improve security.
>PATH=/bin:/usr/bin:/etc

Isn't this annoying overkill compared to just putting "." last in your
path?  That will prevent accidental execution of the wrong copy of
standard commands while still letting you test programs in your current
directory and run normal makefiles without contortions.

Les Mikesell
  les@chinet.chi.il.us