The UNIX and Linux Forums  
Hello and Welcome from United States to the UNIX and Linux Forums! Thank You for Visiting and Joining Our Global Community.

Go Back   The UNIX and Linux Forums > Top Forums > Shell Programming and Scripting
Reload this Page Questions on shell execution
.
google unix.com

Forums Register Forum RulesLinksAlbums FAQ Members List Calendar Search Today's Posts Mark Forums Read



Thread: Questions on shell execution
View Single Post in the UNIX and Linux Forums - Click on the Thread or Permalink to View Entire Thread -->
  #4 (permalink)  
Old 11-19-2007
gus2000 gus2000 is offline
Registered User
  
 

Join Date: Oct 2007
Posts: 157
I must point out that you increase your risk of an exploit if you modify the root PATH, particularly if you insert in front of the path rather than extending it. For instance, if you put the current-dir (".") in the front of the PATH, then any ordinary user can destroy the system by putting a "rm -fr /" inside a file called "/tmp/ls". If root ever cd's to /tmp and types "ls"...bang.

For security purposes, you should never put a directory in the root PATH that ordinary users have write-access to. Additionally, the root user should not rely on the PATH but rather use full pathnames (I realize this additional step is annoying, so adjust your paranoia level accordingly).