[2780] in Athena Bugs
security hole in athena default $path
daemon@ATHENA.MIT.EDU (sctse@ATHENA.MIT.EDU)
Thu Aug 10 22:34:43 1989
From: <sctse@ATHENA.MIT.EDU>
To: bugs@ATHENA.MIT.EDU
Cc: sctse@ATHENA.MIT.EDU
Date: Thu, 10 Aug 89 22:34:08 EDT
I believe this is a well-known 'security hole', but I just wonder why
we are still doing this:-
In the NEW default .cshrc (/usr/prototype_user/.cshrc) file:
set path=( . ~/${hosttype}bin /srvd/patch /usr/athena \
/bin/athena /usr/bin/X /usr/new /usr/new/mh/bin \
/usr/ucb /bin /usr/bin /usr/ibm )
The current directory is set to be the first place to search for a
command. But this has a security hole which may/can destroy an unaware
user. Say, if I put a file 'ls' in my home directory which executes 'rm
-rf ~', when someone goes to my home directory and just wants to do 'ls'...
If there is no strong reason to put the . at the beginning of the path,
I suggest we put it at the end of the path instead.
-sctse
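The hazard sctse describes is a search-order problem: any entry in the path that resolves to the current directory (`.`, `./`, or an empty element such as `::` or a leading/trailing `:`) lets whatever directory the user happens to be in supply a command name before the system directories are consulted. The following POSIX sh functions are an added example, not part of the original report or of the Athena prototype files; they operate on the colon-separated `$PATH` that csh exports from its `$path` list, report every current-directory entry with its position, and rebuild the path with such entries moved to the end, as the report suggests.

```shell
#!/bin/sh
# Added example (not from the original bug report): audit a colon-separated
# PATH for entries that resolve to the current directory, and rebuild it
# with the current directory last.

# audit_path PATH_STRING
# Prints "<position>: '<entry>' (current directory)" for each entry that
# resolves to the current directory. Returns 1 if any was found, else 0.
# An empty element ('' from "a::b", ":a" or "a:") also means the current
# directory, which is why it is treated the same as '.'.
audit_path() {
    _rest="$1:"      # trailing colon so the last element is handled uniformly
    _i=0
    _found=0
    while [ -n "$_rest" ]; do
        _entry="${_rest%%:*}"
        _rest="${_rest#*:}"
        _i=$((_i + 1))
        case "$_entry" in
            ''|.|./) printf "%s: '%s' (current directory)\n" "$_i" "$_entry"
                     _found=1 ;;
        esac
    done
    return "$_found"
}

# dot_last PATH_STRING
# Prints PATH_STRING with every current-directory entry removed and a
# single '.' appended at the end if any such entry was present. A path that
# never contained the current directory is returned unchanged.
dot_last() {
    _rest="$1:"
    _out=""
    _had_dot=0
    while [ -n "$_rest" ]; do
        _entry="${_rest%%:*}"
        _rest="${_rest#*:}"
        case "$_entry" in
            ''|.|./) _had_dot=1 ;;
            *)       _out="${_out:+$_out:}$_entry" ;;
        esac
    done
    if [ "$_had_dot" -eq 1 ]; then
        _out="${_out:+$_out:}."
    fi
    printf '%s\n' "$_out"
}

# Usage on a constructed path mirroring the prototype .cshrc (dot first):
SAMPLE_PATH=".:/usr/athena:/bin/athena:/usr/ucb:/bin:/usr/bin"
audit_path "$SAMPLE_PATH" || echo "current directory found in path"
echo "rebuilt: $(dot_last "$SAMPLE_PATH")"
```

Running `audit_path "$PATH"` in a login session is a quick check of whether a user's shell still searches the current directory before the system directories; `dot_last` produces the ordering the report recommends, where a stray `ls` in someone else's home directory can no longer shadow `/bin/ls`.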