Path: utzoo!utgpu!news-server.csri.toronto.edu!bonnie.concordia.ca!uunet!mcsun!ukc!vision!ukpoit!alan
From: alan@ukpoit.co.uk (Alan Barclay)
Newsgroups: comp.unix.admin
Subject: Re: Mysterious security hole
Message-ID: <1991Jun26.080351.21035@ukpoit.co.uk>
Date: 26 Jun 91 08:03:51 GMT
References: <1991Jun21.203054.989@serval.net.wsu.edu> <1991Jun22.220635.17145@rock.concert.net> <2007@nixsin.UUCP>
Organization: iT - The Information Technology Business Of The Post Office
Lines: 26

In article <2007@nixsin.UUCP> koerber.sin@sni.de writes:
>In article <1991Jun22.220635.17145@rock.concert.net> mcmahan@cs.unca.edu (Scott McMahan) writes:
>|In article <1991Jun21.203054.989@serval.net.wsu.edu> yeidel@tomar.accs.wsu.edu (Joshua Yeidel) writes:
>|>>The example of having something in / is bad for obvious reasons.  But 
>|>>what about /tmp?  A script named say "la" (common type of "ls") which
>|>>does a chmod 777 /, sends mail to the person and then echos 
>|>>"la: Command not found" would do the job nicely. 
>|>
>|>Is /tmp in your path?  Why?
>|
>|I wondered that myself.
>
>No, but if '.' is in your path, and you are in /tmp, that will do some damage.
>Same thing for any writable dir in your path. Maybe UNIX should have an
>option which lets one refuse to run
>	a) writable scripts/programs
>	b) setuid scripts/programs

Ah, so you don't want to run ps, mail or at, to name three programs which
are normally setuid. Also when root a lot of programs have permissions
of 7xx so almost all programs would be writable.
-- 
  Alan Barclay
  iT                                |        E-mail : alan@ukpoit.uucp
  Barker Lane                       |        BANG-STYLE : .....!ukc!ukpoit!alan
  CHESTERFIELD S40 1DY              |        VOICE : +44 246 214241