Very Strange
Kip Warner
kip at thevertigo.com
Wed Feb 6 20:21:37 UTC 2008
> The reason that omitting the path to the current directory works on
> Windows is that by default Windows includes the current directory in
> your path. On most UNIX-like systems, the path does not by default
> include the current directory for security reasons (if you're root and
> you type "ls" in someone's home directory and that directory that has
> an malicious "ls" binary in it, the malicious "ls" binary would be
> executed if the current directory is before /bin (or wherever the real
> "ls" is) in your path).
Exactly. And this goes back all the way to the old MS-DOS days. It was a
problem then too.
--
Kip Warner -- Software Engineer
OpenPGP encrypted/signed mail preferred
http://www.thevertigo.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <https://lists.ubuntu.com/archives/ubuntu-ca/attachments/20080206/11408262/attachment.pgp>
More information about the ubuntu-ca
mailing list