excutable from menu line
Bill Campbell
bill at celestial.com
Mon Jun 10 10:11:16 PDT 2013
On Mon, Jun 10, 2013, Dennis Malen wrote:
>Between Ken and Bill, I was able to correct the silly mistake.
The really silly mistake is having the current directory in your
PATH as this is one of the oldest methods of cracking *nix
systems known. All a cracker has to do is put a script in a
likely place, say /tmp/ls or $HOME/ls that will do nasties.
Something like this:
#!/bin/sh
me="$0"
progname=`basename $me`
# do something nasty
chmod 666 /etc/passwd /etc/shadow
# execute the real command
/bin/$progname "$@"
# remove the evidence
rm -rf $me
Bill
--
INTERNET: bill at celestial.com Bill Campbell; Celestial Software LLC
URL: http://www.celestial.com/ PO Box 820; 6641 E. Mercer Way
Voice: (206) 236-1676 Mercer Island, WA 98040-0820
Fax: (206) 232-9186 Skype: jwccsllc (206) 855-5792
You know the one thing that's wrong with this country? Everyone gets a
chance to have their fair say. -- Bill Clinton, May 29, 1993, The White House
More information about the Filepro-list
mailing list