Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10.1 6/24/83 (MC830713); site mcvax.UUCP
Path: utzoo!linus!philabs!mcvax!guido
From: guido@mcvax.UUCP
Newsgroups: net.unix-wizards
Subject: Re: Security and $PATH
Message-ID: <5319@mcvax.UUCP>
Date: Tue, 2-Aug-83 13:00:49 EDT
Article-I.D.: mcvax.5319
Posted: Tue Aug 2 13:00:49 1983
Date-Received: Wed, 3-Aug-83 03:58:08 EDT
References: <939@rlgvax.UUCP>
Organization: Math.Centre, Amsterdam
Lines: 17

There is another point concerned that came to my mind when reading the
original article that Guy Harris doesn't touch. When a program which
lives, e.g., in /bin, uses other programs out there (say, "sort"), it
should either specify the full pathname (but surely this makes the
program less portable than desired), or it should explicitly SET THE
PATH VARIABLE before calling execvp() or system(). (I think you need
some hacking with extern char **environ to accomplish this in C.)

I saw this happen (rather harmless, though, in that case) where the
"man" program failed to work due to a shell script called "nroff" in
someone's private bin directory, which shell script called the real
nroff after some manipulations that used a file which had recently
disappeared. You understand this can happen to any program which
carelessly uses system(); and also easily to shell scripts (where the
remedy is easiest, though: start with PATH=/bin:/usr/bin or whatever
you need).

Guido van Rossum, Math. Centre, Amsterdam
...!{decvax,philabs,ukc,...}!mcvax!guido
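The remedy the post describes (pin PATH before execvp()), written out as an added example that is not part of the original article. It uses setenv(3) rather than editing environ by hand; the SAFE_PATH value and the helper names are assumptions for the demonstration.

```c
/* Added example: run a helper by name only after replacing PATH with a
 * fixed, trusted list, so a lookalike "sort" or "nroff" placed in a
 * directory earlier in the caller's PATH is never searched. */
#define _POSIX_C_SOURCE 200809L
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/wait.h>

/* Trusted search path for helpers (assumed value; adjust per site). */
#define SAFE_PATH "/bin:/usr/bin"

/* Overwrite PATH in the environment. setenv(3) is the portable way to
 * do what the post calls "hacking with extern char **environ".
 * Returns 0 on success, -1 on failure. */
int set_safe_path(void)
{
    return setenv("PATH", SAFE_PATH, 1);
}

/* 1 if PATH currently equals SAFE_PATH, else 0. */
int path_is_pinned(void)
{
    const char *p = getenv("PATH");
    return p != NULL && strcmp(p, SAFE_PATH) == 0;
}

/* Fork, pin PATH, then execvp() the helper. Returns the child's exit
 * status (127 when the helper was not found on SAFE_PATH), or -1 on
 * fork/wait failure. */
int run_helper(char *const argv[])
{
    if (set_safe_path() != 0)
        return -1;
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        execvp(argv[0], argv);   /* searches SAFE_PATH only */
        _exit(127);              /* exec failed: helper not found */
    }
    int status;
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

/* Convenience wrapper for a helper that takes no arguments. */
int run_simple_helper(const char *name)
{
    char *argv[] = { (char *)name, NULL };
    return run_helper(argv);
}
```

A shell script gets the same effect with the post's one-liner, PATH=/bin:/usr/bin, as its first statement.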