how to execute an excutable file

Mailing List

Home

Forum Home

Linux - General Red Hat Linux discussion list

Installation - Getting started with Red Hat Linux

Enterprise Linux 3 - Discussion of Red Hat Enterprise Linux 3 (Taroon)

Red Hat Linux 9 - Discussion of Red Hat Linux 9 (Shrike)

Red Hat Linux 7.2 - Discussion of Red Hat Linux 7.2 (Enigma)

Red Hat Linux 7.3 - Discussion of Red Hat Linux 7.3 (Valhalla)

Apache Web Server

Oracle database, Microsoft SQL server ...

Subjects

•	application/x mplayer2 plugin
•	RPM error: db4 error(16) from dbenv >remove: Device or resource busy
•	Command stream end of file while reading
•	X Windows problem (xauth)
•	Upgrading openoffice 1 1 rpm
•	FTP: connection refused
•	FTP: connection refused
•	mount: /dev/cdrom: is not a valid block device
•	Dell Precision 650, RedHat 9, no sound
•	how to trace the cause resulting in the crash of bind server
•	Virus on the list
•	UNINSTALL RPM MYSQL
•	usb pen drives: mounting as a user
•	broadcom network interface
•	make mrproper
•	Couldn 't open PID file /var/run/named/named pid Permission denied
•	sendmail configuration on redhat
•	kernel 2 6 and /dev/sound/mixer not found
•	Promise 378 controller
•	Problem using up2date
•	mrtg step by step howto/configuration for a newbie?
•	Compiling and Installing Kernel 2 6
•	Can 't locate module ppp0, can 't locate module ppp compress 21
•	Lotus Notes under Wine
•	HOW I CAN MAKE BOOTABLE FLOPPY DISKET
•	/etc/security/limits conf question
•	Intel E/1000 driver
•	rpm database corrupt
•	Command stream end of file while reading
•	qla2300 modules

how to execute an excutable file

how to execute an excutable file

2007-02-28 - By narendra

Back

Reply: 1 2 3 4 5 6 7 8 9

hi
thanks Michael and Rick for this wonderful illustration.
> > > Hi,
> > > why shouldn't current working directory be in the PATH??
> > >
> > > Narendra
> > >
> >
> > This is more important for the 'root' user as opposed to regular users but I
> > guess one could advise it for all users.
> >
> > It's to avoid a security risk called a Trojan Horse. A Trojan Horse is an
> > executable that has the same name as a standard Linux/Unix system command
> > but does something completely different.
> >
> > Say you're in the 'tmp' directory (or any publicly accessible directory) and
> > an unknown user has created a program called 'ifconfig' in that directory.
> > You, as root, would like to execute the 'ifconfig' command while in the tmp
> > directory. If '.' is in the path before /sbin is, you will inadvertently
> > execute the 'ifconfig' command in the tmp directory. That ifconfig command,
> > run as the root user, can do anything it wants, even give root permissions
> > to any other user.
> >
> > That is why the 'root' user should only have well-defined system directories
> > in its path, and definitely not directories that are publicly-accessible.
> > Since '.' can point to anything, it should never be in the path.
> >
> > Variants of this idea can also apply to all users.
>
> Good example, Michael.
>
> -- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- --
> - Rick Stevens, Principal Engineer rstevens@(protected)
> - - VitalStream, Inc.
> http://www.vitalstream.com - -
> - - To iterate is human,
> to recurse, divine. -
> -- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- --
>
> __ ____ ____ ____ ____ ____ ____ ____ ____ ____
> Redhat-install-list mailing list
> Redhat-install-list@(protected)
> https://www.redhat.com/mailman/listinfo/redhat-install-list
> To Unsubscribe Go To ABOVE URL or send a message to:
> redhat-install-list-request@(protected)
> Subject: unsubscribe

Narendra Kumar
PhD Scholar
Bioinformatics Center
National Institute of Immunology
Aruna Asaf Ali Marg
New Delhi-110067 (See http://lhi-110067.ora-code.com)
Telephone Numbers (EPABX): 26717121 to 26717145, Ext:724
Fax : 91-11-26162125 & 91-11-26177626

__ ____ ____ ____ ____ ____ ____ ____ ____ ____
Redhat-install-list mailing list
Redhat-install-list@(protected)
https://www.redhat.com/mailman/listinfo/redhat-install-list
To Unsubscribe Go To ABOVE URL or send a message to:
redhat-install-list-request@(protected)
Subject: unsubscribe