Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10.2 (Tek) 9/28/84 based on 9/17/84; site hammer.UUCP
Path: utzoo!watmath!clyde!burl!ulysses!allegra!mit-eddie!genrad!decvax!tektronix!orca!hammer!seifert
From: seifert@hammer.UUCP (Snoopy)
Newsgroups: net.unix
Subject: Re: Exporting shell functions into shell files
Message-ID: <1667@hammer.UUCP>
Date: Fri, 29-Nov-85 22:31:25 EST
Article-I.D.: hammer.1667
Posted: Fri Nov 29 22:31:25 1985
Date-Received: Mon, 2-Dec-85 03:24:26 EST
References: <4588@alice.UUCP> <595@ttrdc.UUCP> <878@psivax.UUCP>
Reply-To: tekecs!doghouse.TEK!snoopy
Organization: The Daisy Hill Puppy Farm
Lines: 19
Summary: Only a security hole if people are sloppy

In article <878@psivax.UUCP> friesen@psivax.UUCP (Stanley Friesen) writes:

>	The problem with this is that it creates a serious security
>hole. A user may inadvertantly or maliciously redefine a command used
>by a system shell script changing its behavior radically. A system
>command that suddenly stops using due to some independent action or
>which can be made to do whatever the user wants by tricking it into
>executing the user's program is very dangerous.

How is this different from having your own bin directory, which
is the first bin in your PATH?  You can redefine commands that way
too.  This security hole is easy to plug.  System commands that
call other system commands should use the full pathname, e.g.
/bin/rm, rather than just rm.  Of course this means that commands
called by other commands have to stay in a known place, and can't
just float all over the universe.

Snoopy (ECS Ronin #901)
tektronix!tekecs!doghouse.TEK!snoopy