Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!seismo!lll-crg!lll-lcc!pyramid!amdahl!fai!ronc
From: ronc@fai.UUCP (Ronald O. Christian)
Newsgroups: net.unix
Subject: Re: Secure PATH
Message-ID: <345@fai.UUCP>
Date: Tue, 9-Sep-86 16:28:14 EDT
Article-I.D.: fai.345
Posted: Tue Sep 9 16:28:14 1986
Date-Received: Wed, 10-Sep-86 19:54:08 EDT
References: <184@ablnc.UUCP> <5991@alice.uUCp>
Reply-To: ronc@fai.UUCP (Ronald O. Christian)
Organization: Fujitsu America, Inc.
Lines: 26

In article <5991@alice.uUCp> ark@alice.UucP (Andrew Koenig) writes:
>> In my .profile, I have eliminated the beginning : in my path.  If a
>> program to be executed is not in a directory indicated in my PATH,
>> I execute it by "./".  This is not a BIG hurdle but it is more
>> secure.
>
>If you put the current directory at the end of the search path,
>the hassle is much less and the advantage is almost as great.

*** Doesn't help you in the case of popular misspelling of commands,
like 'sl' and 'mial'.  Oh, sure, I put "." in my path last, but
recognize that you are only a little more secure when you do this.

				Ron
--
--
	Ronald O. Christian (Fujitsu America Inc., San Jose, Calif.)
	seismo!amdahl!fai!ronc  -or-   ihnp4!pesnta!fai!ronc

Oliver's law of assumed responsibility:
	"If you are seen fixing it, you will be blamed for breaking it."
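
Added example, not part of the original post: a POSIX shell audit for the PATH layouts discussed in this thread (a leading ":" and a trailing "."). The helper names `cwd_entries` and `reaches_cwd` are hypothetical, and the sample PATH strings are constructed.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.

# cwd_entries PATH_STRING
# Print "position:kind" for every entry that makes the shell search the
# current directory: an empty entry (leading, trailing or doubled colon),
# "." or any other relative name. Status is 0 only when none is found.
cwd_entries() (
    rest="$1:"                  # sentinel colon so the last entry is seen
    pos=0
    bad=0
    while [ -n "$rest" ]; do
        entry=${rest%%:*}       # text before the first colon
        rest=${rest#*:}         # drop that entry and its colon
        pos=$((pos + 1))
        case "$entry" in
            '')   echo "$pos:empty";    bad=1 ;;
            .|./) echo "$pos:dot";      bad=1 ;;
            /*)   ;;                    # absolute directory: fine
            *)    echo "$pos:relative"; bad=1 ;;
        esac
    done
    [ "$bad" -eq 0 ]
)

# reaches_cwd NAME PATH_STRING
# Status 0 if a lookup of NAME gets as far as a current-directory entry,
# i.e. no absolute directory listed before it holds an executable NAME.
reaches_cwd() (
    rest="$2:"
    while [ -n "$rest" ]; do
        entry=${rest%%:*}
        rest=${rest#*:}
        case "$entry" in
            /*) if [ -f "$entry/$1" ] && [ -x "$entry/$1" ]; then exit 1; fi ;;
            *)  exit 0 ;;       # empty, "." or relative: now searching cwd
        esac
    done
    exit 1                      # PATH exhausted without touching cwd
)

# Constructed PATH values for the two setups discussed in the thread.
for p in ":/bin:/usr/bin" "/bin:/usr/bin:."; do
    printf '%-18s flagged: %s\n' "$p" "$(cwd_entries "$p" | tr '\n' ' ')"
done
```

With "." last, `reaches_cwd sl "$PATH"` still succeeds whenever no earlier directory provides `sl`, which is the misspelling case the reply describes.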