Security and $PATH
guy at rlgvax.UUCP
Mon Aug 1 18:28:27 AEST 1983
On the UNIX systems I am familiar with (running USG 5.0), the PATH
variable is set, both in /etc/profile and in login, to begin with a
':', meaning that the current directory is the first directory to be
searched.

It seems to me that this is a significant security hole, because it
means that a user can set a booby trap by writing a shell that has
the same name as a common command, but does something significantly
different.

Is it a common practice to have the default PATH begin with a ':'?
Is there a real good reason to make this the default?

Yes, it is an almost universal practice. However, all USG systems I know
about DO protect the superuser; the default PATH for "root" is
/bin:/etc:/usr/bin (or some permutation thereof). I find it a pain when "root"
to have to say "./xxx" to run a test version of the program "xxx" (for obscure
reasons I do most development work on our System III systems as "root"), but
I have gotten into the habit of saying "./xxx". There is a good reason to
make it the default; people are used to it. If somebody feels like being very
security-conscious I feel it is THEIR responsibility to change their PATH.
I suspect it's somewhat of an issue like compulsory seat-belt laws or helmet
laws; some feel it is a person's responsibility to protect themselves and some
feel this protection should be required whether the person wants it or not.
(No flames please, this is NOT a statement of my views on seat-belt or helmet
laws.) As such, I guess it's really up to the system administrator; you
can always hack "/etc/profile", and anybody who doesn't like the PATH they've
been given can always replace it in their ".profile" anyway.
Guy Harris
{seismo,mcnc,we13,brl-bmd,allegra}!rlgvax!guy
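
An audit check for the PATH issue discussed in this thread, added here as an example and not part of the original post: it flags every component that makes the shell search the current directory (an empty component from a leading ':', a trailing ':' or '::', or an explicit '.') and any other relative entry. The function name audit_path and its "position:kind:component" output format are assumptions made for this example.

```shell
#!/bin/sh
# audit_path (hypothetical helper): report PATH components that make the
# shell search the current directory or another relative location.
# Prints one finding per line as "<position>:<kind>:<component>" and
# returns 1 if anything was found, 0 if every component is absolute.
# Usage: audit_path "$PATH"
audit_path() {
    path_value=$1
    findings=0
    position=0
    # Append a sentinel ':' so a trailing empty component is not lost,
    # then peel components off the front one at a time.
    rest="${path_value}:"
    while [ -n "$rest" ]; do
        component=${rest%%:*}
        rest=${rest#*:}
        position=$((position + 1))
        case $component in
            '')  kind=empty ;;      # leading ':', trailing ':' or '::'
            .)   kind=dot ;;        # explicit current directory
            /*)  continue ;;        # absolute directory, nothing to report
            *)   kind=relative ;;   # resolved against the current directory
        esac
        printf '%s:%s:%s\n' "$position" "$kind" "$component"
        findings=$((findings + 1))
    done
    [ "$findings" -eq 0 ]
}
```

Run against the values in /etc/profile and in users' .profile files, it separates the ':'-prefixed default described above from the all-absolute PATH given to "root".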