Which script (was Re: comp.unix.questions)
Bernd Felsche
bernie at DIALix.UUCP
Sat Sep 15 20:24:14 AEST 1990
In article <1990Sep13.151130.10215 at maths.nott.ac.uk> anw at maths.nott.ac.uk (Dr A. N. Walker) writes:
> Just to point out that any such script is easily spoofed, in case
>this is a security- or accounting-related problem. Try something like
>
> $ PATH=/something/innocuous export PATH
> $ /bin/sh
> $ PATH=/secret/directory # note, no export
> $ spoof
>
>and "spoof" will look for itself in "/something/innocuous", even though it
>was found in "/secret/directory". At least, it does in SunOS 4.0.3, and it
>does with our somewhat modded SysV shell, though I don't remember seeing
>anywhere a definition of what *should* happen if an exported variable is
>masked by an unexported one.
IMHO: Your shell is broken. Not my script. On all the real bourne
shells I've tested this on (two so far) the results are dependent on
the _environment_ PATH setting.
Your shell is not using PATH as set in the environment, only its
internal working space value.
Perhaps somebody on the net can elucidate as to the divergence in
philosophy. (I get polysyllabic after 6 hours of reading news.)
bernie.
More information about the Comp.unix.questions
mailing list