Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!tut.cis.ohio-state.edu!bloom-beacon!apple!oliveb!mipos3!omepd!merlyn
From: merlyn@intelob.intel.com (Randal L. Schwartz @ Stonehenge)
Newsgroups: alt.sources
Subject: current-directory in PATH (was Re: Need a "watching" program)
Summary: put it LAST!
Message-ID: <4436@omepd.UUCP>
Date: 16 May 89 13:51:12 GMT
References: <8923@csli.Stanford.EDU> <2040@umbc3.UMBC.EDU>
Sender: news@omepd.UUCP
Reply-To: merlyn@intelob.intel.com (Randal L. Schwartz @ Stonehenge)
Distribution: usa
Organization: Stonehenge; netaccess via BiiN, Hillsboro, Oregon, USA
Lines: 32
In-reply-to: cs411134@umbc5.umbc.edu (Peter Johansson)

In article <2040@umbc3.UMBC.EDU>, cs411134@umbc5 (Peter Johansson) writes:
[method of creating $HOME/ls deleted]
| Why this works: Most users have ``.'' in their path before ``/bin''
| or ``/usr/bin'' and whatever else, so your ``ls'' gets executed
| instead of the one the snooper expects. If you like, and if you have
| the source to the system ``ls'', you can include it into your program
| and modify it so that your ``ls'' program never gets displayed.
| Another good idea is not to log your own accesses to the program.
|
| Dangers and Caveats: It would be equally easy to have the ``ls''
| program ``rm -R ~/*'' making this information potentially very
| dangerous. I suggest you remove ``.'' from your path when snooping.
| I hope everyone who reads this message is mature enough to understand
| its implications.

Sheesh. Ever since the V7 days (remember V7, the One True Unix,
anyone?)... I've had "." as the *last* element in my PATH. True, it
doesn't save me from typos, but at least I don't get spoofed, and I
can still exec current-directory stuff when the name doesn't conflict
with a system command (which it never should anyway, for many many
reasons).

Anyone who runs with "." as the first directory is
just-plain-asking-for-it! (And, no, that wasn't an invitation to *do*
something to somebody. But, y'all get what you deserve...)

Just a Unix hacker for nearly a decade...
--
***** PLEASE IGNORE THE ADDRESS IN THE HEADER *****
/=Randal L. Schwartz, Stonehenge Consulting Services (503)777-0095===\
{ ...!uunet!agora.hf.intel.com!merlyn }
\=Cute quote: "Welcome to Oregon... home of the California Raisins!"=/
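
A PATH audit for the situation discussed in this exchange, as an added example that is not part of the original post or its author's code. The function names `path_cwd_entries` and `path_cwd_verdict` and the sample PATH values are constructed for illustration; the check also covers empty entries (a leading, trailing or doubled colon) and relative entries, which the shell resolves against the current directory just as it does ".".

```shell
#!/bin/sh
# Added example (not from the original post): audit a PATH string for entries
# that make the shell search the current directory.

# Print "<position> <kind> <entry>" for every entry that resolves against the
# current directory. An empty entry (leading, trailing or doubled colon) is
# treated by the shell as ".", and a relative entry is resolved from the cwd.
path_cwd_entries() {
    rest="$1:"                      # sentinel colon so a trailing empty entry is seen
    pos=0
    while [ -n "$rest" ]; do
        entry=${rest%%:*}
        rest=${rest#*:}
        pos=$((pos + 1))
        case $entry in
            /*)   continue ;;       # absolute directory: not cwd-dependent
            '')   kind=empty ;;
            .|./) kind=dot ;;
            *)    kind=relative ;;
        esac
        printf '%s %s %s\n' "$pos" "$kind" "${entry:-<empty>}"
    done
}

# Print one verdict: "none", "trailing" (cwd-dependent entries only after every
# absolute directory) or "shadowing" (one comes before an absolute directory,
# so a file in the cwd can be run in place of a system command).
path_cwd_verdict() {
    rest="$1:"
    seen=0
    verdict=none
    while [ -n "$rest" ]; do
        entry=${rest%%:*}
        rest=${rest#*:}
        case $entry in
            /*) if [ "$seen" -eq 1 ]; then verdict=shadowing; fi ;;
            *)  seen=1
                if [ "$verdict" = none ]; then verdict=trailing; fi ;;
        esac
    done
    printf '%s\n' "$verdict"
}

# Constructed sample values, then the PATH of the invoking shell.
for sample in ".:/bin:/usr/bin" "/bin:/usr/bin:." "/bin::/usr/bin" "/bin:/usr/bin"; do
    printf '%-18s -> %s\n' "$sample" "$(path_cwd_verdict "$sample")"
done
printf 'current PATH       -> %s\n' "$(path_cwd_verdict "$PATH")"
path_cwd_entries "$PATH"
```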