[3126] in Release_Engineering
Re: NetProb ticket #831, bad path in default zwgc.desc
daemon@ATHENA.MIT.EDU (cfields@MIT.EDU)
Tue Nov 9 13:39:39 1993
From: cfields@MIT.EDU
Date: Tue, 9 Nov 93 13:39:32 -0500
To: bjaspan@security.ov.com, probe@MIT.EDU, sommerfeld@apollo.hp.com
Cc: rel-eng@MIT.EDU
In-Reply-To: [3123]
> Even if the proposed change weren't made, you could make the same
> attack using "mwm" or "dash" or "from" or any of the other commands
> not invoked by absolute pathname out of the system default xsession
> file.
In fact, it's more general than that. Since for any of this argument
to make sense, locker X must be earlier in the search path than the
programs in question, you might as well just use "ls" as your trojan
horse and wait for the user to type it. This is an argument against
the general use of search paths, which is silly. If there's a security
problem, it's that workstations aren't totally reinstalled on login.
(Though changes to attach would help this particular problem.)
Leaving the finding of "zmailnotify" to the PATH environment is the
correct solution. Using explicit paths limits flexibility, including
the use of /srvd/patch.
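The thread's point is that whether a search path is safe depends on what sits ahead of the system directories in it, not on whether one particular program is named by absolute path. The following shell function is an added example, not code from this thread or from Athena; it audits a PATH string the way a workstation maintainer would, flagging entries that are relative (resolved against the current directory), entries that are searched before the system directories, and entries writable by other users. The list of system directories (/usr/bin, /bin, /usr/sbin, /sbin) and the function name `audit_path` are assumptions for the example.

```shell
#!/bin/sh
# Added example (not from the original thread): audit a PATH value from a
# defender's point of view. Prints one line per finding and returns 0 when
# nothing risky was found, 1 otherwise.
#
# Assumption: the "system directories" are /usr/bin, /bin, /usr/sbin, /sbin;
# anything searched before the first of them can shadow system commands.
audit_path() {
    path_value="$1"
    rc=0
    seen_system=0
    old_ifs="$IFS"
    IFS=:
    for entry in $path_value; do
        case "$entry" in
            ""|.|./*|../*)
                # Empty or relative entry: searched relative to the cwd.
                echo "RELATIVE: '$entry' is resolved against the current directory"
                rc=1
                continue
                ;;
            /usr/bin|/bin|/usr/sbin|/sbin)
                seen_system=1
                ;;
            *)
                if [ "$seen_system" -eq 0 ]; then
                    echo "SHADOWS-SYSTEM: $entry is searched before the system directories"
                    rc=1
                fi
                ;;
        esac
        # Directory writable by "other": anyone on the host can drop a binary
        # there. ls -L follows symlinks so a /bin -> /usr/bin link is judged
        # by the target's mode; character 9 of the mode string is the
        # other-write bit.
        if [ -d "$entry" ]; then
            other_w="$(ls -ldL "$entry" | cut -c9)"
            if [ "$other_w" = "w" ]; then
                echo "WORLD-WRITABLE: $entry"
                rc=1
            fi
        fi
    done
    IFS="$old_ifs"
    return "$rc"
}

# Stand-alone use: audit the caller's own PATH.
if [ "${1:-}" = "--self" ]; then
    audit_path "$PATH"
fi
```

Run as `sh audit_path.sh --self` to check the current environment, or source the file and call `audit_path "$some_path"` against the PATH a login script is about to export; a non-zero return is the signal that something searched ahead of the system directories deserves a look.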